Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
boxfarm.land
I ran this command:
gethttpsforfree.com - Step 3c Sign API Requests - Create your certificate order
It produced this output:
Error: Order failed. Please start back at Step 1. { “type”: “urn:ietf:params:acme:error:rejectedIdentifier”, “detail”: “Error creating new order :: Cannot issue for “certificate authority”: Domain name contains an invalid character”, “status”: 400 }
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
freeipa 4.8
======================
I am trying to install freeipa server (really new at certs) with an external CA. Our domain has already registered and the webserver is running Certbot, but we want to expand to use FIPA to issue certs for our internal services operating off the same domain, hence the introduction of FreeIPA.
I have taken the CSR created by pass 1 of the freeipa server install process and tried to get it signed by following the steps on gethttpsforfree.com, but the process fails during the step to sign API requests/create certificate order with the message indicated in the form above. I have been able to create my own CSR and was able to walk it through the signing process, but FIPA did not like the resulting certificate.
I would like to get the CSR that FreeIPA created signed and would like advice pointing me in the right direction.
Thank you in advance.