Domain Validation Error

Cannot request new SSL via Certify SSL app due to invalid domain?

My domain is:
ROG.TERRA.LOCAL

I ran this command:
Request API called from Certify SSL (Community Edition) for Windows IIS

It produced this output:
2019-03-07 07:28:46.596 -08:00 [INF] All Tests Completed OK
2019-03-07 07:28:51.086 -08:00 [INF] Certify/4.1.5.0 (Windows; Microsoft Windows NT 6.2.9200.0)
2019-03-07 07:28:51.086 -08:00 [INF] Beginning Certificate Request Process: Team Foundation Server using ACME Provider:Certes
2019-03-07 07:28:51.086 -08:00 [INF] Registering Domain Identifiers
2019-03-07 07:28:51.089 -08:00 [ERR] BeginCertificateOrder: creating/retrieving order. Retries remaining:2
2019-03-07 07:28:53.139 -08:00 [ERR] BeginCertificateOrder: error creating order. Retries remaining:1 Certes.AcmeRequestException: Fail to load resource from ‘https://acme-v02.api.letsencrypt.org/acme/new-order’.
urn:ietf:params:acme:error:malformed: Error creating new order :: Name does not end in a public suffix
at Certes.Acme.IAcmeHttpClientExtensions.d__0`1.MoveNext()

My web server is (include version):
Windows IIS 6.0

The operating system my web server runs on is (include version):
Windows Server 2016

My hosting provider, if applicable, is:
N/A

I can login to a root shell on my machine (yes or no, or I don’t know):
YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
YES

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
Certify SSL

Hi @Harpalus

this

isn't a public visible (and worldwide unique) domain name.

If you want a Letsencrypt certificate, you must have such a worldwide unique domain name. .local isn't -> no certificate with that domain name.

1 Like

That’s what I thought, but I also thought that because a loopback address (127.0.0.1) could be used that perhaps a non public visible one could be adapted as well.

I guess that isn’t the case?

You must have a public visible domain name. And if you want to use http-01 validation, your domain must be public visible.

Thanks, I kinda got that message from your first post but thanks anyway.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.