How can I get a *.my.ionosdomain certificate

Witzker · February 2, 2025, 1:09am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: my.Ionosdomain
pointing to my myfritz domain with cname
I ran this command: get SSL certificate with NPM

It produced this output: no wildcard certificate without a DNS Challenge

My web server is (include version): wan to use it for reaching my VMs and Synology devices internally

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: IONOS

I can log in to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

The problem is the DNS Challenge

there is no IONOS

Pls help to get a certificate to get rid of the "This site is not secure" when going to a local IP

Bruce5051 · February 2, 2025, 1:57am

Hello @Witzker,

I suggest switching DNS Authoritative Name Servers Provider to one that supports the DNS-01 Challenge.

Note name servers provided typically does not have to be associated with the registrar nor the hosting provider, however they are often all the same for many domains & web servers.

This list is possibly getting stale but still useful

orangepizza · February 2, 2025, 2:01am

different acme client lego/acme.sh have it:

github.com/go-acme/lego

Add DNS provider for Ionos.

go-acme:master ← ldez:feat/ionos

열림 10:31AM - 20 Dec 20 UTC

ldez

+1005 -10

- [x] have a homogeneous design with the other providers - [x] pass the linter … - [x] do `go mod tidy` - [x] add tests (units) - [x] add tests ("live") - [x] add a [provider descriptor](https://github.com/go-acme/lego/blob/master/providers/dns/cloudflare/cloudflare.toml) - [x] generate CLI help, documentation, and readme. - [x] be able to do: _(and put the output of this command to a comment)_ ```bash rm -rf .lego ./lego -m your_email@example.com --dns ionos -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run ``` Note the wildcard domain is important. @AlexH269 could you test by running the previous command (you have to use a real domain and email)? Closes #727

Bruce5051 · February 2, 2025, 2:07am

And here is one for Certbot

danb35 · February 2, 2025, 10:55am

Please note that no certificate from Let's Encrypt will do this--Let's Encrypt certifies domain names (and in the future, public IP addresses), not local IP addresses. You'll need to go to a domain name that matches the certificate to avoid this warning..

webprofusion · February 3, 2025, 5:54am

The easiest thing when your DNS provider is not supported, especially for home labs etc is to use acme-dns and use their free hosted service (which is hosted on a best-efforts) basis. You can debate the security of that (having a 3rd party complete your challenges), but it's convenient.

When you use that you will be asked to set a CNAME record in your DNS pointing to that service, thereafter DNS challenges will be completed using that service.

system · March 5, 2025, 5:54am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Getting certificate for host ionos / domain Help	5	1489	April 8, 2024
Cannot get certificates Help	5	729	February 8, 2019
Multiple _acme-challenge and CNAMEs Help	34	8809	September 21, 2022
Let's Encrypt SSL dns issue Help	2	449	August 13, 2022
Can't generate my Wildcard Certificate by DNS-01 challenge Help	4	2125	December 19, 2019

How can I get a *.my.ionosdomain certificate

Related topics