Mixing DNS mode and Standalone mode

Is there a command to run both check domain using Cloudflare DNS (API) and use standalone mode for multiple domains? Example: domain1.com,domain2.com,domain3.com all use standalone port 80 BUT domain4.com uses DNS API mode. This is using acme.sh v 3.0.

1 Like

Look at the documentation for "hybrid mode" where each domain can use its own authentication type.

It looks like you just specify the authentication type after each domain. (Though I've not used acme.sh yet myself.)

4 Likes
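The hybrid-mode syntax described in the reply above, as an added example that is not part of the original thread: a small helper that builds the acme.sh command with a validation method written after every `-d`. The `hybrid_issue_cmd` function and the `domain=method` notation are hypothetical; the domain names are the placeholders from the question, and `--server letsencrypt` is the option mentioned later in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Builds, but does not run, an acme.sh
# hybrid-mode command in which each -d is followed by its own validation method.

# Usage: hybrid_issue_cmd domain=method [domain=method ...]
#   method "standalone" -> --standalone   (HTTP-01, acme.sh listens on port 80)
#   method "dns_cf"     -> --dns dns_cf   (DNS-01 through the Cloudflare API)
hybrid_issue_cmd() {
    cmd="acme.sh --issue --server letsencrypt"
    for pair in "$@"; do
        case "$pair" in
            *=*) ;;
            *) echo "missing method for '$pair'" >&2; return 1 ;;
        esac
        domain=${pair%%=*}
        method=${pair#*=}
        case "$method" in
            standalone) flag="--standalone" ;;
            dns_cf)     flag="--dns dns_cf" ;;
            *) echo "unsupported method '$method' for $domain" >&2; return 1 ;;
        esac
        # Stating the method per domain avoids relying on any inherited default.
        cmd="$cmd -d $domain $flag"
    done
    printf '%s\n' "$cmd"
}

# The dns_cf hook reads its credentials from the environment. Placeholder value;
# use an API token restricted to the one zone that needs DNS-01.
# export CF_Token="<cloudflare-api-token>"

# Print the command for the four names in the question so it can be reviewed.
hybrid_issue_cmd domain1.com=standalone domain2.com=standalone \
                 domain3.com=standalone domain4.com=dns_cf
```

The standalone names still need inbound port 80 open to the host while the command runs; the DNS-validated name does not.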

@MacEncrypt
Do you require for all the names to be on the same cert?

2 Likes

Hi Rg! Yes, they need to be on the same cert, the mail host domain (not Cloudflare hosted) the MX records of some of the hosted mail domains point to, so parent domain domainmain.com, so domain1.com,domain2.com have MX records that are mx.domainmain.com, apart from one that is failing that has its own MX and does have its MX record hosted with Cloudflare but has never needed or had its DNS API set up, only a text record added for verification.

1 Like

Thank you for your reply! Yes, you are correct; however, something has changed, as what worked before (3 months ago) now no longer works!

2 Likes

I don't follow your... plan.
MX records can list any domain, not just names from their own domain.
[If not, then large email providers (like Google) could never host email for millions of domains]

2 Likes

Just FYI, one thing that changed since Aug 1 is acme.sh now uses ZeroSSL as the default CA. It was supposed to retain prior CA but plenty of reports say problems occurred.

Not sure how this would apply - but it is a significant change. See:

3 Likes

Cheers RG. The MX setup isn't the issue, or the domains all under one cert.
The one-liner I used to run fails on one particular domain (the only one using Cloudflare for its DNS).
The other domains all pass OK.

1 Like

Thanks Mike, am aware of this and have been using "--server letsencrypt". This makes no difference, unfortunately!

2 Likes

Then I say getting separate certs would, at a bare minimum, reduce the size of the (remaining) problem.

2 Likes

OK, I tried a further time and my firewall wasn't configured correctly. So the acme.sh script didn't try to use DNS API, it just presumed was a local standalone and failed; opening the firewall and forcing renewal worked a charm! Hope this helps any others with weird non-standard configs! Thank you for your assistance RG!

4 Likes
