Hello. I've used http validation with the --stateless option to issue a certificate for example.net and dns validation to issue a wildcard certificate for *.example.com
I ran these commands to do so:
acme.sh --issue -d example.net --cert-home /etc/letsencrypt/live --stateless
acme.sh --issue --challenge-alias example.org --dns dns_cf -d *.example.com --cert-home /etc/letsencrypt/live
The certificates are issued successfully and are working with my nginx configuration, however, I'm having issues testing renewal both via cli and cron:
If I run renewal manually for example.net:
acme.sh --renew -d example.net
I receive:
Renew: 'example.net'
'example.net' is not an issued domain, skip.
So I figured I had to specify --home /etc/letsencrypt/live .
This works, however, when I add the --force option, it also generate a new thumbprint ID, which means I have to run renewals as --stateless too.
Now this is where my question comes in: Since I have domains validated via HTTP stateless and DNS validation - do I need to create separate cronjobs to take care of this?
The default cron doesn't seem to work at all:
30 2 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" --debug >> /root/test.acme.cron
Produces:
v2.8.8
[Tue Oct 6 16:24:01 CEST 2020] ===Starting cron===
[Tue Oct 6 16:24:02 CEST 2020] ===End cron===
... And nothing else... I would like to be able to renew all certificates via 1 cronjob regardless of which validation method was used so I dont have to specify --stateless or override my thumbprint ID.
Any ideas?