My goal is to get a wildcard ssl cert for my domain, I added the txt record after the dns challange but got the error below:
My domain is:gibgeeks.com
I ran this command: sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges -d *.gibgeeks.com
It produced this output: An unexpected error occurred: AttributeError: can't set attribute
My web server is (include version):
The operating system my web server runs on is (include version): ubuntu 23.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.1.0
I realy need to just get the wildcard issued because whatever version of ubuntu i have used I have issues. Are you able to help me diagnose? Certbot was working fine I just kept putting the wrong challenge text in then the error came up
You could "turn off the automation" and get a wildcard cert manually.
[if you need one immediately]
Otherwise...
I'd update to the latest certbot version and show the full log file.
And consider using another ACME client [to save time] - like: acme.sh
I used this command:
sudo certbot certonly --manual --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py --preferred-challenges dns --debug-challenges -d *.gibgeeks.com
That seems to deviate the process some from the basic manual authentication.
And there is no telling [for me - I don't use it] if that is compatible with version 2.1.0
You might try updating to Certbot 2.3. There was a bug fix in 2.3 for this error but I can't know for sure if this fixes your situation. See the link below for details
Or, as rg305 suggested, just do a manual request if this is just a one-time cert. The manual-auth-hook with acme-dns is for automating cert renewals when your domain name service does not provide an API to do so (or, you just prefer to do it this way).
The fully manual method that people allude to would be to remove --manual-auth-hook /etc/letsencrypt/acme-dns-auth.py (but this is not a great long-term solution).
Hopefully upgrading Certbot will help with your situation!
(Maybe we should not have called it --manual-auth-hook but rather had an --external-auth-script method that was inherently separate from --manual, to make it clearer to users whether they could expect for human interaction to be required during the certificate issuance process...?)
I've thought for a long time now that "custom script" and "manual" should never have been both named the same thing. Not sure if how feasible it'd be to change it at this point, though.
,