Wildcard certs on Ubuntu 16.04 is STILL impossible?

Ubuntu 16.04 with Apache 2.4 is surely a common platform.

Yet after renewing wildcard certs manually for most of a year and spending an hour searching the net for solutions, I cannot find a way to accomplish what should be a common need: to renew wildcard certificates other than manually. Really?

I just wasted time figuring out my required BIND DDNS config to interface with certbot, and now it seems I can’t actually get a plugin installed to work with it? Which I didn’t realize wasn’t part of certbot-auto already - “help” command line argument implies that it IS available.

Is there a way to install the dns-rfc2136 plugin to certbot-auto? I’m quite willing to do some manual work here but I need some hints. Or no Ubuntu PPA that can solve this basic and what is surely a common use case?

certbot-auto unfortunately doesn’t package any of the DNS plugins. :slightly_frowning_face:

The official Certbot PPA packages several of them, including the dns-rfc2136 plugin. :slightly_smiling_face:

https://launchpad.net/~certbot/+archive/ubuntu/certbot

sudo apt install certbot python3-certbot-apache python3-certbot-dns-rfc2136

…or, of course, use a client with really strong DNS support like acme.sh.

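For readers who install the PPA packages suggested above, here is a sketch of using the dns-rfc2136 plugin for a wildcard certificate. It is an added example, not part of any reply in this thread. The function names are hypothetical, the server address, key name, secret and domain are placeholders, and the HMAC-SHA512 algorithm is an assumption that must match the TSIG key configured in BIND.

```shell
#!/bin/sh
# Added example (not from the thread). Server, key name, secret and domain
# are placeholders; take the real values from your BIND TSIG key.

# Write the plugin's credentials file so only the owner can read the secret.
write_rfc2136_credentials() {
    cred_file=$1 server=$2 key_name=$3 secret=$4
    (
        umask 077
        cat > "$cred_file" <<EOF
dns_rfc2136_server = $server
dns_rfc2136_port = 53
dns_rfc2136_name = $key_name
dns_rfc2136_secret = $secret
dns_rfc2136_algorithm = HMAC-SHA512
EOF
    )
    chmod 600 "$cred_file"   # also tightens a pre-existing file
}

# Succeed only if the file exists with mode 600 or 400 (GNU stat, as on Ubuntu).
credentials_are_private() {
    [ -f "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1
    [ "$mode" = 600 ] || [ "$mode" = 400 ]
}

# Request the base name plus its wildcard through the DNS-01 challenge.
request_wildcard() {
    cred_file=$1 domain=$2
    credentials_are_private "$cred_file" || {
        echo "refusing to use $cred_file: not mode 600/400" >&2
        return 1
    }
    certbot certonly --dns-rfc2136 \
        --dns-rfc2136-credentials "$cred_file" \
        --dns-rfc2136-propagation-seconds 60 \
        -d "$domain" -d "*.$domain"
}
```

On the BIND side, limiting the key with an `update-policy` grant that covers only the `_acme-challenge` TXT name keeps a leaked credentials file from being usable to rewrite the rest of the zone.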

Thanks. Now I have the same problem as reported all year, here:

specifically the random error reported by creativetags on Mar 5 ('_openssl' has no function, constant or global variable named 'Cryptography_HAS_RSA_OAEP_MD' · Issue #5651 · certbot/certbot · GitHub)

Thank you for your suggestion regardless.

Thank you! I forgot about the other clients and will look at this.

I put a thread in “Servers” which describes getting LE, BIND, DNSSEC, acme.sh,
and wildcards working on Ubuntu 18.04. It might help you with your situation.
