My domain is: xn--auauaiaioaeeiauuouuoouuaieieaiuuaoa-o7c04dhamabgauej1vieciu.eu
I ran this command: certbot certonly --webroot -w /tmp/letsencrypt-auto/ --must-staple -d xn--auauaiaioaeeiauuouuoouuaieieaiuuaoa-o7c04dhamabgauej1vieciu.eu --staple-ocsp --rsa-key-size 4096
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
An unexpected error occurred:
The CSR is unacceptable (e.g., due to a short key) :: Error finalizing order :: issuing precertificate: CSR doesn't contain a SAN short enough to fit in CN
Please see the logfiles in /var/log/letsencrypt for more details.
The operating system my web server runs on is (include version): Ubuntu 18.04.3
The version of my client is: 0.31.0
Could anyone give me some pointers how I can acquire a certificate for this domain?
one label may have max. 63 characters, so that label is ok.
But there is an additional limit: The CN can have (if I know it correct) max. 64 characters. Yours has 66.
You may add a second, shorter domain with that domain as first domain name -> so it's used as CN.
Earlier, I've created a certificate with this-is-a-very-long-really-very-long-name-of-this-small-bdomain as subdomain name (63 characters + .server-daten.de). Worked with www.server-daten.de as second domain name and CN.