EasyEngine/site-command

Third level domain wildcard

tersor opened this issue · 2 comments

Ubuntu 18.04.1 LTS
EasyEngine 4.0.1

I am trying to set up third level domain wildcards (*.foo.example.com). The site create command tells me to create 2 TXT records on the same domain (_acme-challenge.foo.example.com), but that is not possible. Am I missing something here?

$ ee site create foo.example.com --type=html --ssl=le --wildcard
Configuring project.
Creating site foo.example.com.
Copying configuration files.
Starting site's services.
Success: Configuration files copied.
Checking and verifying site-up status. This may take some time.
..
    Add the following TXT record to your DNS zone
        Domain: _acme-challenge.foo.example.com.
        TXT value: <value>
        
    Wait for the propagation before moving to the next step
    Tips: Use the following command to check the propagation

        host -t TXT _acme-challenge.foo.example.com.

    Add the following TXT record to your DNS zone
        Domain: _acme-challenge.foo.example.com.
        TXT value: <value>
        
    Wait for the propagation before moving to the next step
    Tips: Use the following command to check the propagation

        host -t TXT _acme-challenge.foo.example.com.

IMPORTANT: Run `ee site ssl foo.example.com` once the DNS changes have propagated to complete the certification generation and installation.Starting site's services.
+--------------+-------------------------------------------+
| Site         | https://foo.example.com                   |
+--------------+-------------------------------------------+
| Site Root    | /opt/easyengine/sites/foo.example.com     |
+--------------+-------------------------------------------+
| SSL          | Enabled                                   |
+--------------+-------------------------------------------+
| SSL Wildcard | Yes                                       |
+--------------+-------------------------------------------+
Site entry created.

@tersor That is actually possible and necessary if you want a third level wildcard certificate.

Also, refer to https://community.letsencrypt.org/t/multi-level-subdomain-for-the-wildcard-certificate/57319

Just as a demo, I've set up a record on my domain,

$ host -t TXT _acme-challenge.foo.mriyamtamuli.ml
_acme-challenge.foo.mriyamtamuli.ml descriptive text "demonstration2"
_acme-challenge.foo.mriyamtamuli.ml descriptive text "demonstration"

Please close this issue if you feel this has been resolved for you.

@mbtamuli aha, multiple TXT records with different values.
Tested, works fine 👍
Thank you!
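
Why the two records in this thread share one name, as an added example (not EasyEngine's code and not from any participant): under the ACME DNS-01 rules in RFC 8555, foo.example.com and *.foo.example.com are separate authorizations whose challenges both validate at _acme-challenge.foo.example.com, each with its own TXT value. The tokens, the account key thumbprint and the helper names are constructed for illustration; the parser assumes the `host -t TXT` output format shown above.

```python
import base64
import hashlib
import re

# Constructed sample values; real ones come from the ACME server and account key.
SAMPLE_THUMBPRINT = "constructed-account-key-thumbprint"
SAMPLE_TOKENS = {"foo.example.com": "constructed-token-1",
                 "*.foo.example.com": "constructed-token-2"}

def challenge_record_name(identifier: str) -> str:
    """DNS-01 validation name; a leading '*.' is dropped before prefixing."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return f"_acme-challenge.{base.rstrip('.')}."

def txt_value(token: str, thumbprint: str) -> str:
    """base64url(SHA-256(token + '.' + thumbprint)) without padding."""
    digest = hashlib.sha256(f"{token}.{thumbprint}".encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def expected_records(tokens: dict, thumbprint: str) -> dict:
    """Map each record name to the set of TXT values it must carry."""
    records = {}
    for identifier, token in tokens.items():
        name = challenge_record_name(identifier)
        records.setdefault(name, set()).add(txt_value(token, thumbprint))
    return records

def missing_values(host_output: str, name: str, expected: set) -> set:
    """Expected TXT values not yet visible in `host -t TXT` output for name."""
    pattern = re.compile(r'^(\S+) descriptive text "(.*)"$')
    wanted = name.rstrip(".").lower()
    seen = set()
    for line in host_output.splitlines():
        m = pattern.match(line.strip())
        if m and m.group(1).rstrip(".").lower() == wanted:
            seen.add(m.group(2))
    return expected - seen

if __name__ == "__main__":
    for name, values in expected_records(SAMPLE_TOKENS, SAMPLE_THUMBPRINT).items():
        first = sorted(values)[0]
        # Constructed resolver output in which only one record has propagated.
        output = f'{name.rstrip(".")} descriptive text "{first}"\n'
        print(name, "expects", len(values), "TXT values; still missing:",
              missing_values(output, name, values))
```

Completing validation (here, `ee site ssl foo.example.com`) is only worth attempting once no value is missing, since each authorization is checked against its own TXT value.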