The certificate is only valid for *

Hello, I successfully created a LE certificate using the DNS challenge for * I used that for my nextcloud instead of the normal challenge, because my ISP blocks forwarding of port 80 and 443 on my router. On the router I have exposed two other ports, which redirect to 80/443 on the inside network. Now, when I visit my site on firefox gives out an error and says the certificate is not issued to, but the certificate is only valid for *
Is there a way not to get this error?

A certificate valid for * does not include The way wildcard matching works is that * matches and, but not itself.

You can create a certificate which has "DNS Subject Alternative Names" for both the wildcard * and the base domain name.

How exactly you do that depends on the client, but you should be able to ask it for both domains.


Oh, I see. I should have created a certificate for instead of the wildcard. (assuming I don't want to use sub names) Do I understand this right?


Yes, if you're visiting, you do not want the wildcard. You only want the wildcard if you're visiting


That makes perfect sense. Thank you.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.