Create Standalone Wildcard Certificate for domain


#1

My domain is: ctesting.patchus.in

I ran this command: sudo certbot certonly --standalone --cert-name "patchus.in" -d "*.patchus.in"

It produced this output: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

My web server is (include version): I am using socket.io 2.0 with node version 10 and that's why I need a standalone wildcard certificate

The operating system my web server runs on is (include version): Ubuntu 16.04

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I want to create a standalone wildcard for my domain "patchus.in". I was wondering what it is that I am doing wrong here.


#2

Hi @aniketmaithani

standalone starts its own web server and uses http-01 validation. But if you want to use a wildcard certificate, you must use dns-01 validation.

So you must use --manual, or, if your DNS provider has an API and certbot supports that API, you can use a DNS plugin.

If you use --manual, you have to create two DNS TXT entries with the same name

_acme-challenge.patchus.in

or only _acme-challenge, if your DNS provider adds the domain name. Then add the two different entries.
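
The manual dns-01 route described in the reply above, as an added example that is not part of the original thread: the certbot invocation is shown in the header comment, and the functions check that the TXT values are published before validation continues. The helper names are hypothetical, the TXT values are constructed placeholders, and `check_live` assumes `dig` is installed.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Helper names are hypothetical and the
# TXT values used in demo() are constructed placeholders.
#
# Request that switches the wildcard from http-01 to manual dns-01:
#   sudo certbot certonly --manual --preferred-challenges dns \
#        --cert-name patchus.in -d '*.patchus.in'
# Certbot prints the TXT value(s) and waits; verify them before pressing Enter.

# TXT record name for a -d argument: the wildcard label is dropped, so
# "*.patchus.in" and "patchus.in" both validate at _acme-challenge.patchus.in.
challenge_name() {
  local domain
  domain="${1#\*.}"
  printf '_acme-challenge.%s\n' "${domain%.}"
}

# Name to enter when the DNS provider appends the zone itself.
relative_name() {   # $1 = full record name, $2 = zone
  local fqdn zone
  fqdn="${1%.}"; zone="${2%.}"
  printf '%s\n' "${fqdn%."$zone"}"
}

# Succeeds only if every expected value is in the answer.
# $1 = output of `dig +short TXT <name>`, remaining args = expected values.
txt_values_present() {
  local answer want
  answer="$1"; shift
  for want in "$@"; do
    printf '%s\n' "$answer" | tr -d '"' | grep -Fxq -- "$want" || return 1
  done
}

# Live check against the resolver (needs dig and network access).
check_live() {      # $1 = domain, remaining args = expected values
  local name
  name="$(challenge_name "$1")"; shift
  txt_values_present "$(dig +short TXT "$name")" "$@"
}

# Offline demo on a constructed answer holding two values under one name.
demo() {
  txt_values_present '"CONSTRUCTED-VALUE-ONE"
"CONSTRUCTED-VALUE-TWO"' CONSTRUCTED-VALUE-ONE CONSTRUCTED-VALUE-TWO
}
```

Run `check_live '*.patchus.in' <value1> <value2>` with the values certbot displays; a non-zero exit status means at least one value is not yet visible to the resolver.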


#3

Thanks @JuergenAuer let me try it out.