I ran this command: acme.sh --issue --dns dns_cf -d qpalzm.tk -d *.qpalzm.tk --force
It produced this output:
Sign failed, finalize code is not 200.
{
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Error finalizing order :: CSR is missing Order domain \"*.qpalzm.tk\"",
"status": 403
}
My web server is (include version): Nginx:latest
The operating system my web server runs on is (include version): CentOS 7
My hosting provider, if applicable, is: Cloudflare
Sign failed, finalize code is not 200.
{
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "Error finalizing order :: CSR is missing Order domain \"*.qpalzm.tk\"",
"status": 403
}
Ha, yes, I wasn't saying that you didn't know how to google stuff but I can see how that may be implied from my response. I was saying that I had to google it because I don't know much about acme.sh.
Where I've seen issues like this before there has sometimes been a hidden character (such as a unicode hidden space) in the original configuration which meant that *.qpalzm.tk wasn't the same as *.qpalzm.tkââââââ despite looking the same.
If you have a file in your local filesystem's working directory that matches the wildcard, the shell will replace it before running the command.
$ echo *.example.com is a domain name
*.example.com is a domain name
$ echo hello > different.example.com
$ echo *.example.com is a domain name
different.example.com is a domain name
$ echo "*.example.com is a domain name"
*.example.com is a domain name
$ rm different.example.com
$ echo *.example.com is a domain name
*.example.com is a domain name
I don't think this is likely to be the reason for the error you're getting, but it's still good advice to use quotes in Unix shell commands when trying to refer to names that contain *, such as DNS wildcard names.
