Score:1

certbot wildcard cert not a wildcard

fr flag

I did the following:

sh-3.2# certbot certonly --manual --preferred-challenges=dns --email [email protected] --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.someDomainlab.com

and got results:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/someDomainlab.com/fullchain.pem
Key is saved at:         /etc/letsencrypt/live/someDomainlab.com/privkey.pem
This certificate expires on 2022-08-16.
These files will be updated when the certificate renews.

however when i test wildcard based on This link, i get the following result:

CN=someDomainlab.com

which tells me its not wildcard. I did a dig on _acme-challenge.someDomainlab.com and that returned what certbot told me to add.

what am i missing?

edit:

in the ssl_error.log i see this line when i do the command to test:

[Wed May 18 12:52:23.763857 2022] [core:debug] [pid 7607] protocol.c(1447): [client 192.168.183.1:51660] AH00566: request failed: malformed request line
Score:1
gb flag

You need to quote the domain, so the shell doesn't try and expand the asterisk in *.someDomainlab.com. Use -d '*.someDomainlab.com' like this:

sh-3.2# certbot certonly --manual --preferred-challenges=dns --email [email protected] --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d '*.someDomainlab.com'
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.