Closed BThanapon closed 6 months ago
@BThanapon you can't use example.com
, it must be a real domain name that you want for certificate.
@BThanapon you can't use
example.com
, it must be a real domain name that you want for certificate.
thank you for reply it. example.com i mean i use domain = ec2-xxx-xxx-xxx.amezon.com it true ? for my opinion my domain is ec2-xxx-xxx-xxx.amezon.com or i will get free domain for resolve the problem ?
@fffonion , could give more explanation about it? thanks.
@BThanapon correct, certain well-known domains are not allowed by let's encrypt to avoid security issue, like google.com or amazon.com etc. You will need another domain.
@BThanapon correct, certain well-known domains are not allowed by let's encrypt to avoid security issue, like google.com or amazon.com etc. You will need another domain. Thank you so much for answer my question. i think what wrong with my config.
Is there an existing issue for this?
Kong version (
$ kong version
)Kong 3.5.0
Current Behavior
I use aws-ec2 to install kong by docker compose and try to use acme-plugin to get certificate my kong but i set route follow to guild kong manager plugin acme in kong official my service ACME setting
my route ACME settimg
my acme plugin setting
everything looking good sanity test it pass
curl http://localhost:8001/acme -d host=example.com -d test_http_challenge_flow=true "message":"sanity test for host example.com passed"
but after i use command curl like thiscurl http://localhost:8001/acme -d host=example.com
error like this"message":"failed to update certificate: could not create certificate for host: example.com err: failed to create new order: Error creating new order :: Cannot issue for \"example.com\": The ACME server refuses to issue a certificate for this domain name, because it is forbidden by policy"
in my docker compose i set
Expected Behavior
how to fix this