Is .farm a supported TLD?

My domain is: rera.farm

I am trying to obtain a certificate but getting the following error:

“An unexpected error occurred:
Error creating new order :: Cannot issue for “*.domain”: Domain name does not end with a valid public suffix (TLD)”

I am using Certbot for the process. Is .farm a currently supported TLD? If it is, how can I possibly go about resolving the error message I am getting?

1 Like

Let’s Encrypt has issued plenty of certificates for .farm TLDs.

If you are getting that error, it’s because of something else, like errant characters or typos in the domain name being provided to the Let’s Encrypt client.

Does it literally say *.domain in the error message? Or did it say something else?

1 Like

Hi @Nyasha

Your domain is online and it’s possible to connect to your domain - https://check-your-website.server-daten.de/?q=rera.farm

So farm is a public suffix. If it weren’t a public suffix, it would be impossible to connect to your domain.

PS:

There is a Bitnami self-signed certificate:

CN=www.example.com, OU=Certificate generated at boot time, O=Bitnami
	07.05.2020
	05.05.2030
expires in 3632 days	

So use the Bitnami client / script.

And you have a redirect domain name -> IP address.

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| http://rera.farm/ 18.132.132.95 | 302 | http://18.132.132.95 | 0.076 | D |
| http://18.132.132.95 | 302 | http://18.132.132.95/auth | 0.077 | D |
| http://18.132.132.95/auth GZip used - 4084 / 21819 - 81,28 % | 200 | Html is minified: 143,26 % | 0.096 | H |
| https://rera.farm/ 18.132.132.95 | 302 | http://18.132.132.95 | 2.420 | N |

Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors

That’s always wrong, never redirect to IP addresses.

/.well-known/acme-challenge/random-filename isn’t redirected, so there is an exception.

3 Likes

Can you show the complete command you used?

1 Like

Here are the commands I am running in their sequence followed by the output:

bitnami@ip-*********:~$ DOMAIN=rera.farm
bitnami@ip-*********:~$ WILDCARD=*.DOMAIN
bitnami@ip-*********:~$ sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
An unexpected error occurred:
Error creating new order :: Cannot issue for "*.domain": Domain name does not end with a valid public suffix (TLD)
Please see the logfiles in /var/log/letsencrypt for more details.

1 Like

It needs a real domain there.

If WILDCARD is trying to reference the variable DOMAIN it seems to be failing to do so.
Something more like this might work:
WILDCARD='*.'$DOMAIN

2 Likes

Try:

DOMAIN=rera.farm
WILDCARD="*."$DOMAIN
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly

OR

sudo certbot -d rera.farm -d "*.rera.farm" --manual --preferred-challenges dns certonly
2 Likes
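
The expansion and quoting fix suggested in the replies above, as an added example that is not part of the original thread: a small pre-flight check that builds the wildcard name from the base domain and rejects an unexpanded placeholder before anything is sent to the CA. The function names (valid_base, wildcard_for, check_name) are hypothetical, and the check is purely syntactic; it does not consult the public suffix list.

```shell
#!/bin/sh
# Added example: pre-flight check for the names handed to "certbot -d".
# Function names are hypothetical; sample values below are constructed.
LC_ALL=C   # make the [a-z] range below byte-based in every locale

# A base domain must be two or more dot-separated labels of [a-z0-9-],
# so an empty variable or a leftover placeholder like "DOMAIN" is rejected.
valid_base() {
    case "$1" in
        ""|.*|*.|*..*|*[!a-z0-9.-]*) return 1 ;;
        *.*) return 0 ;;
        *) return 1 ;;
    esac
}

# Build the wildcard inside double quotes: "$1" is substituted, while the
# quoted * is never glob-expanded against files in the current directory.
wildcard_for() {
    valid_base "$1" || return 1
    printf '%s\n' "*.$1"
}

# Accept NAME only if it is BASE itself or its single-level wildcard.
check_name() {   # usage: check_name NAME BASE
    valid_base "$2" || return 1
    [ "$1" = "$2" ] || [ "$1" = "*.$2" ]
}

# Constructed sample input: the thread's domain plus the unexpanded
# placeholder from the failing run.
DOMAIN=rera.farm
WILDCARD=$(wildcard_for "$DOMAIN")
for name in "$DOMAIN" "$WILDCARD" "*.DOMAIN"; do
    if check_name "$name" "$DOMAIN"; then
        echo "ok:     $name"
    else
        echo "reject: $name (expected $DOMAIN or *.$DOMAIN)"
    fi
done

# Print (do not run) the command, with every expansion quoted.
echo "sudo certbot -d \"$DOMAIN\" -d \"$WILDCARD\" --manual --preferred-challenges dns certonly"
```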
