Wildcards domains are not supported (yes, I've chose dns challenge)


#1

My domain is: jack1142-home.duckdns.org

I ran this command: certbot certonly --manual --preferred-challenges dns -d *.jack1142-home.duckdns.org

It produced this output: Wildcard domains are not supported: *.jack1142-home.duckdns.org

My web server is (include version): Certbot runs locally on my Raspberry Pi 3, I don’t have problem with server, so it doesn’t matter here.

The operating system my web server runs on is (include version): Certbot runs on Raspbian 4.14.52-v7+

So I have absolutely no idea why this doesn’t work, I’m using correct (dns) challenge, I also tried to add --server parameter with https://acme-v02.api.letsencrypt.org/directory address.


#2

What version of Certbot is it? “certbot --version


#3

0.10.2 -_- well, that sorts out why it doesn’t work… I didn’t know that raspbian’s repository might be that much outdated. It’s over 1,5 year since the package was updated in it :o
Thanks for help, just to make sure, will certbot-auto work exactly the same as certbot? I will use manual hooks anyway, I don’t need DNS plugins.


#4

Certbot auto will work all the same, except it does not come with DNS plugins.

Thank you


#5

certbot-auto compiles stuff. And not tiny stuff.

It can run on an RPi 3 – probably – but you might not like the resource usage when installing or upgrading it.

You might be better off using one of the other clients with wildcard support. In particular the shell script ones are usually easy to install.

acme.sh even has a Duck DNS plugin.


#6

Were you talking about certbot in general or only certbot-auto? Because if you were talking only about certbot-auto, it looks like in stretch-backports repository there’s more recent version of certbot.
I can check out it later though, because if it has Duck DNS plugin, it might be easier to repair, if something wrong happens.


#7

Only certbot-auto.

certbot-auto currently compiles some of Certbot’s dependencies.

If you’re installing Certbot with apt, all the other dependencies would get installed that way too, so it would be fine.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.