Certbot: "The currently selected ACME CA endpoint does not support issuing wildcard certificates."


#1

When I request a wildcard certificate I get the message “The currently selected ACME CA endpoint does not support issuing wildcard certificates.” (Latest certbot from pip)


ACME v2 and Wildcard Certificate Support is Live
#2

You need to add --server https://acme-v02.api.letsencrypt.org/directory to your Certbot command to tell it to use the ACME v2 API that supports Wildcard certificates.


#3

Is there a way to put that into a config?


#4

And why isn’t this mentioned anywhere?


#5

@schoen Do you know the answer to this Certbot question?


#6

Found it:
server = https://acme-v02.api.letsencrypt.org/directory


#7

When will this be defaulted in certbot?


#8

I just put in a pull request for this. The post does say “Authorizations held by a V1 account will not be usable in the V2 environment - you must revalidate your domains for use with ACME v2,” which may or may not affect most automated workflows.


#9

Per https://github.com/certbot/certbot/issues/5369 it sounds like this is being deferred to the next release.


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.