Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
$ history | tail
741 sudo apt-get install certbot python-certbot-apache
742 ls -al
743 sudo certbot --apache -d bithouz.com -d www.bithouz.com -d .bithouz.com -d www..bithouz.com
744 ls -al
745 less bithouz.conf
746 sudo certbot --apache -d .bithouz.com -d www..bithouz.com -d bithouz.com -d www.bithouz.com
747 sudo certbot --apache -d *.bithouz.com -d bithouz.com -d www.bithouz.com
748 sudo certbot --apache -d *.bithouz.com -d bithouz.com
749 history
750 history | tail
It produced this output:
$ sudo certbot --apache -d bithouz.com -d www.bithouz.com -d .bithouz.com -d www..bithouz.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices) (Enter 'c' to
cancel): my-actual-email@my-real-email
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
(A)gree/(C)ancel: A
Would you be willing to share your email address with the Electronic Frontier
Foundation, a founding partner of the Let's Encrypt project and the non-profit
organization that develops Certbot? We'd like to send you email about our work
encrypting the web, EFF news, campaigns, and ways to support digital freedom.
(Y)es/(N)o: N
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for "www.*.bithouz.com": DNS name had a malformed wildcard label
Please see the logfiles in /var/log/letsencrypt for more details.IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
And
$ sudo certbot --apache -d .bithouz.com -d www..bithouz.com -d bithouz.com -d www.bithouz.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for "www.*.bithouz.com": DNS name had a malformed wildcard label
Please see the logfiles in /var/log/letsencrypt for more details.
And
$ sudo certbot --apache -d *.bithouz.com -d bithouz.com -d www.bithouz.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
An unexpected error occurred:
The request message was malformed :: Error creating new order :: Domain name "www.bithouz.com" is redundant with a wildcard domain in the same request. Remove one or the other from the certificate request.
Please see the logfiles in /var/log/letsencrypt for more details.
And
$ sudo certbot --apache -d *.bithouz.com -d bithouz.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
Respectively
My web server is (include version):
$ apache2 -v
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2019-09-16T12:58:48
The operating system my web server runs on is (include version):
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
Yes via ssh and to a command shell (bash shell).
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
There is also a graphical control panel for linode in which I can manage dns records (among other things).
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
$ certbot --version
certbot 0.31.0
$ certbot-auto --version
certbot-auto: command not found
I want to have a wildcard certificate for both of my domains and strongly prefer for certbot to fill out the configuration in my apache configuration files for me (automatically). I do not want to fuss with adding the information manually in those configuration files. I currently have each domain with it's own config file in /etc/apache2/sites-availabe one is jfines.conf and the other is bithouz.conf I am unclear on 2 things: whether or not I need to use certbot-auto (as opposed to just certbot / certbot --apache) and (2) whether the complicated dns challege method is the only way to get a wildcard cert at this time. Isn't there a method that involves nothing more than running a simple command on the command line and being done with it? Is there no way to avoid method where creation of a dns record is involved? --> I just want this to be as simple and fool-proof as possible.
Ultimately, I would like clear instructions with step by step command(s) that I know I can rely on (ie: not from third pary web sites but from here where I can feel confident I'm being given the right information).
Thanks in advance for any help.
Jake