DNS name does not have enough labels

Hello. When I run the client (using ./letsencryopt-auto) and selecting the name I wish to create a certificate for ([something].se, no sub domain) I get the following error message: The request message was malformed :: Error creating new authz :: DNS name does not have enough labels.

If I understand this correctly there’s some records missing from the DNS entry for my domain? Currently there’s a single A record for @ and a single A record for www. Is there’s something I’m missing here?

Thanks in advance!

In DNS speak, a label is an identifer, so in www.example.org the labels are www, example and org.

Is there any strong reason you can’t share your exact input?


This is probably due to providing an incorrect domain name (e.g. a flag where there should be a server name). Can you paste the full command you ran? As a reminder, once you get a cert, it is made fully public, so there’s no reason to keep your server name confidential.


I see. I misunderstood the meaning of labels and got it working now. I didn’t understand it automatically sent requests for all the names set up on my server so it also sent requests for Apache virtual hosts that was not valid addresses (rarity in my case). I deselected all the other names in the initial “Which names would you like to…” window and it then worked as expected.

I’m having the same issue, but I’m not really getting the hint I’m afraid. What do I need to change for it to work properly? At first I thought it was the ServerName in apache’s config file, so I changed that to the domain name (stats.pluton-team.org) but after restarting Apache I’m stll getting the same error.

Edit: I noticed in the selection menu there was another VirtualHost still selected which shouldn’t be, after deselecting this one the process seems to advance without the error :slight_smile:

I get the same error when I try to generate the certificate for two domain names, “my.domain.net” and “myrouter”.
The certificate is for my router and I’d like to access it from my lan using myrouter and from outsite using my.domain.net.

Is there a way to generate such certificate?

Nope, sorry. Let’s Encrypt (or any public CA) can only issue certificates for valid public domain names.

1 Like