My domain is: sise-it.com
I ran this command: ./letsencrypt-auto; after that i selected my subdomain office.sise-it.com
I already do have the cert for the main Domain.
It produced this output: “Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.”
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Ubuntu 16.04 LTS
My hosting provider, if applicable, is: I have my own server at home and im using Dyndns A-Record with namecheap
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
My Question now is: Can i obtain a cert for my subdomain with any workaround? Or do i just have to wait for any bugfix? Is this a Problem of my Internet Provider or my Domain Provider, or even both?
Or is it even my fault? In the past i never had problems with this…
Please see https://community.letsencrypt.org/t/tls-sni-challenges-disabled-for-most-new-issuance
Since this is for a sub-domain - do you use a different account key for the sub-domain than the domain ? can you use the domain account key to obtain the certificate for the domain & subdomain ?
Do you mean the DynDNS update via ddclient? That shouldnt be a Problem because im updating sise-it.com via ddclient and “office.sise-it.com” is pointing on “sise-it.com” (CNAME Record)
How can i implement the HTTP-01 or DNS-01 challenges?
I always used ./letsencrypt-auto to this point and this uses TLS-SNI automatically right?
This thread explains what you can do with Certbot:
The next version of Certbot should work by default, using HTTP-01 with Apache.
Ok, so i just need to wait for the next update, right…
Is ./letsencrypt-auto = certbot, or is that another method to obtain certs?
Im just asking this because the “certbot” command is not found on my machine. I tried to execute it while in /etc/letsencrypt
Yes. The project was renamed from “letsencrypt” to “Certbot”, but letsencrypt-auto/certbot-auto operates, and automatically upgrades itself, regardless of what the program is named.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.