I’m trying to get a wildcard certificate for
cryptoclimate.io, as described here, after making the mistake of getting only a certificate for
Due to TTLs or propagation (even though I set the TTL to the minimum 30s on Digital Ocean), it’s been a highly frustrating experience trying to get that wildcard cert over the past hour or so. Every single challenge fails, and I get different (old, like in this post) TXT values from online domain tools checkers vs. running nslookup locally vs. what certbot fails with.
Would it be possible to force a different hostname than
_acme-challenge? That should avoid these caching and propagation problems.