Trouble dealing with hostname and SSL certs

I’ve done the honors for you and deleted all my posts @Joe

That tells me I’m turning crazy lol (just kidding).

But if I understood, @dumorian isn’t asking for a certificate for “mars.ew3d.com”. He is asking for it for “mail3.ew3d.com” or even “mail.johnhintonwoodturner.com”. I didn’t see him asking for it for “mars.ew3d.com” anywhere (because, according to me, he expects the redirection to be carried out by Let’s Encrypt, since it’s the first time he has used it; before, he had a wildcard certificate with Sectigo. But it doesn’t work the same way with a Sectigo wildcard certificate and a Let’s Encrypt certificate).

The wildcard from Sectigo carries everything: *.ew3d.com (for beginners: the “*” means everything)
While Let’s Encrypt (in our situation) only carries: mail3.ew3d.com (you need to add every single subdomain)

As already said, I don’t think the automatic SSL generator handles it. Which explains why it doesn’t work for him at this moment.

And this one too in case of:

At least for beginners (it doesn’t work the same way for a wildcard with Let’s Encrypt as with Sectigo)

No. C’mon. That’s not how this works at all. How could it work like that? Let’s Encrypt is meant to provide TLS certs. It cannot require you to already have working TLS to issue those certs. That’s obviously not a reasonable assumption to jump to.

The URL of the request you’ve picked out of the log is to http://acme-v02.api.letsencrypt.org:443/ which is not OP’s website. I’m guessing it’s happening because of the “Max retries exceeded with url: /directory” error (too many requests for Let’s Encrypt certs in a given time). Which isn’t a useful error for figuring out why the earlier requests failed.

I can’t keep up with what’s going on in this thread or what problems we’re trying to solve, but I assure everyone the system hostname does not need a TLS certificate for Virtualmin domains to get a Let’s Encrypt certificate. The system hostname is completely irrelevant to Let’s Encrypt certificates, and I’m not going to argue about it, I’m going to start deleting comments that claim there is some relation, because it is misleading and somebody searching in the future may waste time fucking around with the system hostname, which is not related.

@dumorian why did validation fail before you reached the request limit?


Only commenting to confirm this never was or is the case. Whatever OS I used with *min, I never had to slap a cert onto the hostname.
