Wildcard cert can only get by one certbot command but using acme.sh by two commands

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.5.0

I need some time to register TXT DNS entry. I don't want to put a sleep or watchdog into the --manual-auth-hook script.
Acme.sh is working perfect with issue and renew later.
Can I do the same procedure with certbot ?

Thanks in advance.

1 Like

Could you please give us a little bit more details than your brief description? What commands are used (it's in the questionnaire!), what script you're using as auth hook, which acme.sh options et cetera et cetera..


I don't understand your question (or intent maybe)..
Apparently acme.sh is doing what you want... Why not continue to use acme.sh?


Yeah, I'm not quite sure what you're looking for either. If you're using an auth-hook and you want a manual delay, though, you probably want to add --debug-challenges to your Certbot command line. Note that certbot renew will still probably not do what you want because --debug-challenges will be ignored or rejected in this case; so you would still need to use your certbot certonly command to renew with --debug-challenges and a manual delay.

1 Like

If you are using a manual process to update DNS records you need to find an automated solution before proceeding any further. If your DNS provider does not have a supported API then consider something like acme-dns.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.