Any new letsencrypt's wildcard plugin?

@deeoo, If you need a wildcard certificate, I don't think you have any other options then to keep using your Comodo wildcard certificate, because if you want to install Let's Encrypt wildcard certificate, then you need the domain to use your nameservers, meaning the DNS must be local. If not, you can't install a Let's Encrypt wildcard certificate, but only a regular one wich would not support wildcard.
 
Yes, it cannot currently be done with external DNS since DA cannot control it.
There are some 3rd party modules we're looking into, where DA could then control the external DNS system (assuming it's a larger DNS provider that's included in the module)

John

Sorry for asking, do we still have workaround for external DNS for now ?

Everytime when I create a domain, I have to modify the external DNS at linode. I think that the TXT verification for _acme-challenge needs to finish propagate before it can request wildcard in letsencrypt but the request is too short before it propagated and I always got the failed message.

Or is there a way to modify the script to request the wildcard certs after few hours so that internal and external DNS propagated successfully before making request?

Error:

Found wildcard domain name and http-01 challenge type, switching to dns-01 validation.
Requesting new certificate order...
Processing authorization for example.com...
DNS challenge test fail for _acme-challenge.example.com IN TXT "pcSWVVLV0li-G0wwgkPorz5l5sKJtmvZ1234WAUZatvZQ", retrying...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
DNS validation failed. Exiting...


It wont be problem if the TXT verification not autogenerated for the next request.
 
I'm having the same problem -- wildcard fails with same error message as shown. Have external DNS, multiple subdomains.

The suggestion that "taskq_dns_post.sh" can fix this is hopeful -- but can somebody who got this working explain the exact method with a code example? What happens with auto-renewals?

Thanks!
Nemo
 
I'm having the same problem -- wildcard fails with same error message as shown. Have external DNS, multiple subdomains.

The suggestion that "taskq_dns_post.sh" can fix this is hopeful -- but can somebody who got this working explain the exact method with a code example? What happens with auto-renewals?

Thanks!
Nemo

You can take a look at this sample script: https://forum.directadmin.com/threads/letsencrypt-issue.59017/post-316694

No need above:

EDIT: https://forum.directadmin.com/threads/letsencrypt-2-0-with-70-dnsproviders-ready-for-testing.61668/
 
Last edited:
Back
Top