Problem with Punycode Domains

Help
1

Hi Community,

i have a Problem with a Punycode Domain, so i searched in this Community how to solve it. I seen i had a outdated version of certbot (certbot 0.8.1) and Punycode Domains should be supported after version 0.9.2, so i updated my version with yum update certbot, now i have the new version certbot 0.9.3, but still cant verify punycode domains.

My domain is: süsse-engel.com
Punycode is: süsse-engel.com

I ran this command: /usr/bin/certbot --non-interactive --expand certonly --webroot -w $documentroot -d www.süsse-engel.com,m.süsse-engel.com,ds.süsse-engel.com,süsse-engel.com

It produced this output: Punycode domains are not presently supported: www.süsse-engel.com

My operating system is (include version): CentOS Linux release 7.2.1511 (Core)

My web server is (include version): Apache/2.4.6 (CentOS)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

My Version of Certbot is: certbot 0.9.3

2

Hi @Sm3rT,

If you're running 0.9.3, the error that should have been displayed is

Non-ASCII domain names not supported. To issue for an Internationalized Domain Name, use Punycode.

In this case, Certbot is asking you to explicitly request the Punycode form of your domain name. Version 0.9.3 should be willing to submit this request. If you're still getting the "Punycode domains are not presently supported" error, you're probably still unintentionally running 0.8.1 even if you also have 0.9.3 installed.

3

Hi @schoen,

i looked for my version of certbot and i only see the 0.9.3 version on my system.

rpm -qa | grep certbot
python2-certbot-0.9.3-1.el7.noarch
certbot-0.9.3-1.el7.noarch

i run this command:

/usr/bin/certbot --non-interactive --expand certonly --webroot -w $documentroot -d www.süsse-engel.com,m.süsse-engel.com,ds.süsse-engel.com,süsse-engel.com

But still the same error:

Punycode domains are not presently supported: www.süsse-engel.com

4

@erica @bmw, wasn’t this restriction (and error message) already removed in 0.9.3? How could it be displaying this message?

5

No. Support for this landed in 0.10.0 (source).

Luckily, Certbot 0.12.0 is available in EPEL 7 on CentOS so if you upgrade your Certbot version this problem should go away.

6

@bmw @schoen

Thanks a lot, with new version (certbot-0.12.0-4) is all good :slight_smile:

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at
    /etc/letsencrypt/live/www.xn–ssse-engel-9db.com/fullchain.pem.

greetz Sm3rT

1 Like
7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.