WildCard certificate issue

I have an issuer:

apiVersion: certmanager.k8s.io/v1alpha1
kind: ClusterIssuer
metadata:
  name: letsencrypt-staging
spec:
  acme:
    email: test@test
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    privateKeySecretRef:
      name: letsencrypt-staging
    dns01:
      providers:
        - name: prod-dns
          clouddns:
            serviceAccountSecretRef:
              name: gcp-sa
              key: service-account.json
            project: test

And I want to create a wildcard certificate:

apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: andrey
  namespace: default
spec:
  secretName: test-tls
  issuerRef:
    name: letsencrypt-staging
    kind: ClusterIssuer
  commonName: "*cert-manager.test.com"
  dnsNames:
  - cert-manager.test.com
  acme:
    config:
    - dns01:
        provider: prod-dns
      domains:
      - "*cert-manager.test.com"
      - cert-manager.test.com

and I am getting the following error:
Events:
Type Reason Age From Message


Warning ErrCreateOrder 1s cert-manager Error creating order: acme: urn:ietf:params:acme:error:malformed: Error creating new order :: DNS name had a malformed wildcard label

Hi @aaktaev

you must use

*.cert-manager.test.com

Wildcard, dot, then the domain name. But you must be the owner of the domain. So if you are not the owner of test.com, that will not work.

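A pre-flight check for the names in a Certificate, as an added example that is not part of the original thread or of cert-manager: it applies the RFC 8555 wildcard shape (a single `*`, then a dot, then a domain name) before the order reaches the ACME server. The function names and reason strings are hypothetical, and it does not check domain ownership or any other CA policy.

```python
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def check_dns_name(name):
    """Return None if the name is well formed, else a short reason string."""
    if name.count("*") > 1:
        return "more than one wildcard"
    base = name
    if "*" in name:
        # RFC 8555 section 7.1.3: a wildcard name is "*" + "." + a domain name,
        # so the asterisk must be the whole leftmost label.
        if not name.startswith("*."):
            return "malformed wildcard label"
        base = name[2:]
    labels = base.split(".")
    if len(labels) < 2:
        return "needs at least two labels"
    for label in labels:
        if not LABEL.match(label):
            return f"invalid label {label!r}"
    return None


def check_certificate(common_name, dns_names):
    """Check every name a Certificate would place in the ACME order."""
    problems = {}
    # dict.fromkeys de-duplicates while keeping the original order.
    for name in dict.fromkeys([common_name, *dns_names]):
        reason = check_dns_name(name)
        if reason:
            problems[name] = reason
    return problems


if __name__ == "__main__":
    # Names from the manifest in the question, then the corrected form.
    print(check_certificate("*cert-manager.test.com", ["cert-manager.test.com"]))
    print(check_certificate("*.cert-manager.test.com", ["cert-manager.test.com"]))
```
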

Thanks! It helped. Issue can be closed.
