Error expand certificate wildcard

thandrade830 · January 10, 2020, 4:19pm

Hi good afternoon everyone,
I am experiencing the following problem:
I generated the wildcard certificate with the following command:

certbot certonly --manual --preferred-challenges dns-01 --email --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d * .easy-doctor.app

But is having problem when accessing only the domain easy-doctor.app, searching I found that you can expand to put the domain with the command:

certbot certonly --manual --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d "* .easy-doctor.app " -d easy-doctor.app

The command opens a wizard after executing to expand it returns this error:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.

Can someone help me?
Thanks!

JuergenAuer · January 10, 2020, 4:34pm

Hi @thandrade830

if you have that error, that's only a typo, if your first command has worked.

certbot certonly --manual --preferred-challenges dns-01 
--server https://acme-v02.api.letsencrypt.org/directory 
--agree-tos -d "* .easy-doctor.app " -d easy-doctor.app

There are two spaces. Use

-d *.easy-doctor.app

or test

-d "*.easy-doctor.app"

The general solution is correct. You can't use a certificate only with a wildcard domain name with the main domain name. You need both domain names *.example.com + example.com.

thandrade830 · January 10, 2020, 4:45pm

I just ran the command you mentioned and gave this return:

An unexpected error occurred:
Error creating new order :: Cannot issue for "* .easy-doctor.app": Domain name contains an invalid wildcard. A wildcard is only permitted before the first dot in a doma
in name.

For me to add a domain in wildcard is this the same way I’m trying?
Thank you!

Huijaaja42 · January 10, 2020, 4:55pm

“* .easy-doctor.app” is invalid it should be “*.easy-doctor.app”

JuergenAuer · January 10, 2020, 4:59pm

Then test it without ".

Your first command has worked, so it’s not a general problem.

thandrade830 · January 10, 2020, 5:05pm

Strange that on my homologation server the same command worked.
And in the log does not show me many details of the error. =(
Running the command without “.” but not working.

Osiris · January 10, 2020, 8:19pm

I think @JuergenAuer meant the quote sign (").

But your error message still contains a hostname with a space after the asterisk (*). You should be 500 % certain your command doesn’t contain erroneous spaces in hostnames.

system · February 9, 2020, 8:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Update wildcard certificate to include base domain Help	39	5891	June 14, 2018
Wildcard certificate issuer problem Help	19	3309	May 12, 2018
Wildcard with rfc2136 dns challenge Help	20	7480	June 28, 2018
Wildcard domains Help	4	488	April 25, 2020
Wildcard certificate Help	2	912	June 26, 2019

Error expand certificate wildcard

Related topics