Random LE server issues


#1

Hi ppl

I have an nginx server on D.O.

My DNS has one A/AAAA and 4 CNAMEs pointing to the same server.

I have it behind CloudFlare DNS, but I’ve disabled it temporarily to do the auth. I know it works because I logged some HTTP requests to all subdomains with tcpdump. CF doesn’t hijack while disabled; it acts like a normal DNS server.

I’ve also stopped my nginx server to make room on port 80 for the LE client.

When I try to issue for only one of those 5 FQDNs it works ALMOST all the time. It fails 1 in 5.

With that in mind, I want only one cert for all 5 of those subdomains. So I run:

./letsencrypt-auto certonly -d MAINDOMAIN -d SUB1.MAINDOMAIN -d SUB2.MAINDOMAIN -d AND-SO-ON --agree-dev-preview --verbose

(Ran certonly because of nginx issues)

But I can’t finish the whole process because it fails RANDOMLY on any of the subdomains, maindomain included. Sometimes it fails on SUB1, sometimes on SUB1 + SUB2, sometimes on MAINDOMAIN + SUB2, etc.

Why does the validation fail this way?

Thanks for your time!

Edit: After 15+ tries I got it working for all my subs simultaneously.