-
Notifications
You must be signed in to change notification settings - Fork 51
No longer able to request or renew certificates since the latest merge #9
Comments
If I change the
|
@jordiclariana, what do you think? |
I understand why it fails. My change makes it work only for domains, not hostnames. some refactor should be changed in order to find out if the Give me some time to figure out the solution if you will. |
…d its domain in R53 zones Should fix jed#9
Please, try my proposed PR and let me know if it fixes this. |
Out of interest, why would you want this? For HTTPS, you need the |
This was the main reason to get rid of the About wildcards certificates in Letsencrypt you are right, it is planned to be released if I'm not wrong at the end of February, but my PR does not intent to use this new functionality, but I think it can help when it is finally released (although I don't know yet how it is going to be implemented on certbot side). |
I'm away from my office today, but I should be able to take the PR for a test tomorrow (Friday) in GMT+11. |
True, but not at the expense of preventing FQDNs from receiving certificates. :) Further, best practice suggests that you should use the SAN field for this, i.e. you'd request a certificate for However, to be honest I've just (re-)discovered acme.sh and I'm replacing all my instances of |
@Djelibeybi, did you have a chance to try #10? |
@jed just tested now and it works great, thanks @jordiclariana! |
Hi,
With the latest changes, I can't seem to request a certificate for a specific machine. I'm running the following:
I am hosting my
domain.com
on Route 53 and before today, this worked just fine and requested a certificate for the machine namedhostname.domain.com
. Today, it no longer works because it tries to search forhostname.domain.com
on Route 53 and fails immediately.If I use
--domains domain.com
it works, but creates a certificate withCN=domain.com
which will fail validation if used for HTTPS onhostname.domain.com
.Am I doing something wrong?
The text was updated successfully, but these errors were encountered: