Apply let's encrypt to the main domain and *

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (ubuntu 16):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes):

I’m using a control panel to manage my site (no):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

please i need to apply the cert on my main domain ( and * )
i run this command : *sudo -H ./letsencrypt-auto certonly --standalone -d -d
and here is my output :
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new order :: Domain name “” is redundant with a wildcard domain in the same request. Remove one or the other from the certificate request.
BTW i use an ubuntu 16 server with Nginx
please, can someone help me with a tutorial,

Thank you all.


This is a simple question, but we actually need a little bit more detail.

What software did you use to obtain this certificate?
What command did you use?

Thank you

hello stevenzhu

please what you mean by software ?

i’m using SSH ( putty) on the installation with root access

If you need a wildcard certificate, you are going to need to use the DNS challenge. --standalone is not compatible with wildcards.

So consider whether you really need a wildcard, or whether you can list all of the domains you need on the certificate. Explicitly listing the domains is better and easier.

1 Like

Sorry I didn’t read some part of your response…

As @_az said, you’ll need to use DNS challenge, you also need to edit the command.
You could try the below command and follow the instructions. Please note that certificate generated by the below command does not support renewal (without other scripts)
sudo -H ./letsencrypt-auto certonly --standalone --manual -d * -d

Thank you

1 Like

Thanl you for your fast reply i will try it right now

hello again

i try this command and i get this message
Could not choose appropriate plugin: Too many flags setting configurators/installers/authenticators ‘standalone’ -> 'manual’
Too many flags setting configurators/installers/authenticators ‘standalone’ -> 'manual’
find bellow the log

root@moq:/opt/letsencrypt# tail /var/log/letsencrypt/letsencrypt.log
return config.func(config, plugins)
File “/opt/”, line 1241, in certonly
installer, auth = plug_sel.choose_configurator_plugins(config, plugins, “certonly”)
File “/opt/”, line 190, in choose_configurator_plugins
req_auth, req_inst = cli_plugin_requests(config)
File “/opt/”, line 279, in cli_plugin_requests
req_auth = set_configurator(req_auth, “manual”)
File “/opt/”, line 253, in set_configurator
raise errors.PluginSelectionError(msg.format(repr(previously), repr(now)))
PluginSelectionError: Too many flags setting configurators/installers/authenticators ‘standalone’ -> ‘manual’


Sorry about that.

In this case, you should use
sudo -H ./letsencrypt-auto certonly --manual -d * -d

Thank you

Thank you so much guys for the help i think the issue is fixed but i should create a TXT recorde the problem is on my dns provider i add the NS1 | NS2 with the ip of VPS hosting and i can’t add the TXT on my DNS platform so i should find a solution to create the TXT record on my a2hosting platform or on ubuntu itself here is the output i get

Many thanks for all of you

I think you’ll just need to figure out how to add the TXT record…
But you should be able to add a record on _acme-challenge right?

Thank you

Hi @Amer

please share a screenshot of your dns menu.

Creating a TXT entry should normally be possible.

Your nameservers:

Domain	Nameserver	NS-IP
	•	•
	2a03:8180:1102:b7::2	•
	•	•
	2a03:8180:1301:110::2	•


These are your name servers. Nothing about TXT entries.

What says “DNS”?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.