Certbot: error: unrecognized arguments

Hello, I tried generating a ssl certificate using certbot and node and while doing so I got this long error message. I tried the exact commands from this guide Generate Wildcard SSL certificate using Let’s Encrypt/Certbot | by Saurabh Palande | Medium

what i didn't do was in the certbot-auto folder. Do I need to be in that folder to execute this command? moreover I couldn't find the certbot-auto folder after cloning the repo. I saw letsencrypt-auto-source. is that the new certbot-auto folder?

Here is the error message

exec error: Error: Command failed: sudo certbot certonly --manual --preferred-challenges=dns --email johndoe@gmail.com --server https: //acme-v02.api.letsencrypt.org/directory --agree-tos -d example.com *.example.com
  certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...

Certbot can obtain and install HTTPS/TLS/SSL certificates.  By default,
it will attempt to use a webserver both for obtaining and installing the
certbot: error: unrecognized arguments: //acme-v02.api.letsencrypt.org/directory *.example.com

and this is my code in express using the exec command from child_process in nodejs

app.post("/test", (req, res) => {
    `sudo certbot certonly --manual --preferred-challenges=dns --email ${req.body.email} --server https: //acme-v02.api.letsencrypt.org/directory --agree-tos -d ${req.body.domain} *.${req.body.domain}`,
    (error, stdout, stderr) => {
      if (error) {
        console.log(`exec error: ${error}`);
      console.log(`stdout: ${stdout}`);
      console.log(`stderr: ${stderr}`);
  res.json("all okay");

Hi @yellowboi,

Do you see that space in between https: and //acme-v02.api.letsencrypt.org/directory in your command line above? The space doesn't belong there; https://acme-v02.api.letsencrypt.org/directory is a single URL and should be entered with no spaces as part of the command.

Edit: two other things to keep in mind for the future:

(1) You've added the base domain (example.com) alongside the wildcard (*.example.com). This is a useful thing to do, but it will require an extra -d option, like -d example.com -d *.example.com instead of just -d example.com *.example.com.

(2) The method you're using with --manual will not be capable of automated renewal at all, so you'll have to repeat this process at least every 90 days (ideally sooner than that). If you're not OK with that, you might want to look into more automated options, which Let's Encrypt usually recommends. This can be less convenient for a wildcard certificate specifically, because it would normally require API access from your DNS provider.


Thanks, solved the problem.

1 Like