Newbie - help getting certificate

manawaite · March 20, 2020, 12:59am

Hi
I am new to letsencrypt
How to I get a wildcard certificate please?
My service provider can support once I have the SSL certificate
SSL needed: *.manawaite.com
Many thanks
Mana

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: manawaite.com

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: crazydomains

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

_az · March 20, 2020, 1:23am

I’m 90% sure that CrazyDomains does not offer a DNS API, so there is not really any simple automated way to get a wildcard certificate unless you change DNS hosts.

You can try get the certificate manually using Certbot and following the instructions to copy DNS TXT records into your CrazyDomains DNS control panel:

certbot certonly -d manawaite.com -d "*.manawaite.com" \
--manual --preferred-challenges dns

but this won’t get you automated renewal.

(If you can’t run Certbot, you can also try use a web interface to do the same, such as ZeroSSL).

9peppe · March 20, 2020, 8:54am

… or check out acme-dns and install it on a vps, then set some records like this:

auth IN A 192.0.2.53 # example ipv4
auth IN AAAA 2001:db8::53 #example ipv6 (if you have it)
auth IN NS auth

and then the client (not certbot, it doesn’t look like it supports this – but read the message below this) will ask you to add some records like

_acme-challenge[.subdomain] IN CNAME d420c923-bbd7-4056-ab64-c3ca54c9b3cf.auth

see more in the documentation: https://github.com/joohoi/acme-dns#dns-records

danb35 · March 20, 2020, 10:08am

Not natively, but there's a very good client hook script available that gives about the best UX I've seen for acme-dns.

system · April 19, 2020, 10:08am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.