Any new letsencrypt's wildcard plugin?

darkbear

Verified User
Joined
Jan 31, 2013
Messages
45
thank, but he was say " Yes we will be adding it to DA."
But I find my DA still no wildcard, so I post for request that function...

and sorry for the double post
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,339
Location
LT, EU
Implementation is in progress. Script is finished already, some backend changes are needed for custom DNS TTL values. So, a BETA should be ready soon :)
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,461
Implementation is in progress. Script is finished already, some backend changes are needed for custom DNS TTL values. So, a BETA should be ready soon :)
That is good news. Will the default be that Let's Encrypt certificates created are wildcard certificates? (I hope so) And will existing certificates be renewed as wildcard certificates? (I hope so). What about domains that is using external name servers and only use A records pointed to our servers, will they be able to get wildcard certificates?
 

darkbear

Verified User
Joined
Jan 31, 2013
Messages
45
I think you can't get external name servers's cert via that plugin, that is hard to do that.

anyway, but they are finishing the wildcard plugin that is good for us
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,339
Location
LT, EU
Please try latest DA pre-release binaries. Wildcard support is there :)
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,461
@smtalk, That is good news. Would you be so kind and answer my questions in reply #7?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,339
Location
LT, EU
It requires TXT record for verification, so, NS must be pointing to your server, or some kind of post hook needs to be ran to add the DNS to appropriate server.
 

ditto

Verified User
Joined
Apr 27, 2009
Messages
2,461
Is it possible to set wildcard certificates to be the default selected for all new domains in options.conf?
 

darkbear

Verified User
Joined
Jan 31, 2013
Messages
45
I just find this new letsencrypt.sh.1.1.1 @my custombuild, does it support wildcard?
Thanks
 

Awd

Verified User
Joined
Aug 9, 2015
Messages
316
Yes, but only with latest skin & DA pre release binaries
 

darkbear

Verified User
Joined
Jan 31, 2013
Messages
45
I just finish installed DA's pre-release and skin, plugin.

after that, I try to get my wildcard ssl cert, however I got this error message:
"Your connection has timed out

Details

Either your request was invalid or the program hasn't completed your request.
Please notify the server admin"

And I can't finish my request for wildcard, but after that, I try to un-checked wildcard and get my ssl cert...
I have no any problem, why?

P.S: my server have Comodo WAF 2.22 and ConfigServer Firewall&Security, but I don't think that is their problem

And I check my directadmin's error log:
2018:05:10-19:27:00: Timeout (timeout=300) from xxx.xxx.xxx.xxx : last flagged: getlock(./data/users/admin/domains.list, 'ListFile::readFile') : finished

Thanks
 
Last edited:

DirectAdmin Support

Administrator
Staff member
Joined
Feb 27, 2003
Messages
8,921
Thanks for the report. I've made a few changes:

1) The Timeout was hardcoded to 180 seconds. It's now been changed to 10x the internal timeout. By default, its' 60 seconds, so the SSL timeout is now 10 minutes, instead of 3 (but you can increase it if needed)

2) I've made an SSL-background option, enabled by default for wildcards:
https://www.directadmin.com/features.php?id=2125

Now available in the pre-release section.

John
 

Awd

Verified User
Joined
Aug 9, 2015
Messages
316
I understand Lets Encrypt Wildcard requires TXT record for verification. Is this a one time TXT record or at every renewal a new TXT record with different keys will be created?

If it keeps the same, we could add it at an external DNS.
 
Top