ACME V2 - Getting single domain SSL for Wildcard SSL request

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: shropshire.blog

We have been trying multiple times to get a Wildcard SSL certificate for the above-mentioned domain but always ended up with a single-domain SSL certificate. Would it be possible to check logs to see if we never sent Wildcard requests?

1 Like

No need for log checking at Let’s Encrypt’s end: if you really requested a wildcard certificate, but didn’t get it for some reason, you’d get an error. Let’s Encrypt wouldn’t just “leave out” the wildcard hostname and issue a certificate without it when the authorization for the wildcard failed.

I’m pretty sure the problem lies with your client or how you configured it. Unfortunately, you’ve decided to remove almost everything from the questionnaire, so there’s way too little information to help you further.

2 Likes

According to your domain information, you are using U2 cPanel? (Purely from reverse DNS check)
If you are indeed using cPanel (cpanel.net) as your control panel, what’s the way you obtained that certificate?

In your current situation, you should contact your hosting provider to ask for logs in their local system, instead of asking Let’s Encrypt. (Maybe it’s just different ways of how ACME clients parse things.)

1 Like

We have been trying a custom ACME client and not the cPanel inbuilt method, actually. Let us try again and get back here.

429 (Error creating new order :: too many certificates already issued for exact set of domains: shropshire.blog

Based on the above rate-limit error, how many days will it keep the domain blocked?

1 Like

At most 7 days. (A week)

1 Like

If you successfully manage to add a wildcard hostname, you’re not subject to that specific rate limit.

That said:

  1. the rate limit is a sliding window of 7 days;
  2. please test on the staging environment.

3 Likes

Well, then what ACME client are you using? acme.sh or something on the letsencrypt.org list?
Knowing the client name (and version) and how you attempt to get the certificate (for example, commands you run) will at least help understand how the client works or (if any) whether you missed something during issuance.

P.S. That's exactly why there's a form present when you are opening a new thread.

1 Like

Thank you all for your response 🙂 The issue was with our code; I figured it out. Please close this ticket.

1 Like
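
As an added example, not code from this thread or from any particular ACME client: a pre-flight audit a custom client can run (on the staging environment, as suggested above) to confirm the wildcard name survives from the requested list into the newOrder identifiers and the CSR. The function names, `example.com` and the sample order objects are constructed for illustration; the field names follow RFC 8555.

```python
# Added example; domain names and order/authorization objects are constructed.

def norm(name):
    """Canonical form for comparison: lower-case, no trailing dot."""
    return name.strip().rstrip(".").lower()

def new_order_payload(names):
    """newOrder body (RFC 8555 7.4): a wildcard stays a literal '*.' dns identifier."""
    unique = sorted({norm(n) for n in names})
    return {"identifiers": [{"type": "dns", "value": n} for n in unique]}

def authz_name(authz):
    """Name an authorization covers. The server strips '*.' from the identifier
    and sets 'wildcard': true instead (RFC 8555 7.1.4)."""
    value = norm(authz["identifier"]["value"])
    return "*." + value if authz.get("wildcard") else value

def audit(requested, order, csr_names):
    """Return a list of problems; empty means the wildcard survived every step."""
    want = {norm(n) for n in requested}
    in_order = {norm(i["value"]) for i in order["identifiers"] if i["type"] == "dns"}
    in_csr = {norm(n) for n in csr_names}
    problems = []
    for name in sorted(want - in_order):
        problems.append(f"not in order: {name}")
    for name in sorted(in_order - in_csr):
        problems.append(f"not in CSR: {name}")
    for name in sorted(in_csr - in_order):
        problems.append(f"CSR has extra name: {name}")
    return problems

if __name__ == "__main__":
    requested = ["example.com", "*.example.com"]
    # Constructed order, as returned when the client only sent the base name.
    bad_order = {"identifiers": [{"type": "dns", "value": "example.com"}]}
    print(audit(requested, bad_order, ["example.com"]))
    good_order = new_order_payload(requested)
    print(audit(requested, good_order, requested))
    wildcard_authz = {"identifier": {"type": "dns", "value": "example.com"},
                      "wildcard": True}
    print(authz_name(wildcard_authz))
```

A client that rebuilds its name list from the authorization identifiers without honouring the `wildcard` flag ends up with only the base domain, which is one way a request can end up covering a single name.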
