My domain is: ro.gov.br
I ran this command: certbot certonly --logs-dir /tmp -m datacenter@setic.ro.gov.br --agree-tos --force-renewal --dns-rfc2136 --dns-rfc2136-credentials /root/certificado/dns-key-ro.ini --dns-rfc2136-propagation-seconds 300 --preferred-chain "ISRG Root X1" -d *.ro.gov.br
It produced this output:An unexpected error occurred:
The server will not issue certificates for the identifier :: Error creating new order :: Cannot issue for "*.ro.gov.br": Domain name is a wildcard for an ICANN TLD
The operating system my web server runs on is (include version): Oracle 8
The version of my client is: certbot 1.19.0
Basically when trying to create the wildcard for *.ro.gov.br I get an error as if I were a TLD, if I try to perform the same command for anything.ro.gov.br and *.anything.ro.gov.br it works exactly as expected. Can you tell me why I have this restriction?
Would it be a bug that my domain is written identical to the ICANN TLD (https://data.iana.org/TLD/tlds-alpha-by-domain.txt)?