acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

Unable to change validation method #2725

Closed ghost closed 4 years ago

ghost commented 4 years ago

Hello.

As per this post in the forums on LE: https://community.letsencrypt.org/t/change-validation-method-on-pfsense/112465/7
And this one here from pfsense: https://forum.netgate.com/topic/150216/can-t-renew-with-updated-changed-validation-method

I issued cert via HTTP validation method. Then I changed my mind and switched to DNS. Response was:

[Sat Feb 8 14:55:45 CET 2020] Single domain='domain.com'
[Sat Feb 8 14:55:45 CET 2020] Getting domain auth token for each domain
[Sat Feb 8 14:55:48 CET 2020] Getting webroot for domain='domain.com'
[Sat Feb 8 14:55:48 CET 2020] Error, can not get domain token entry domain.com
[Sat Feb 8 14:55:48 CET 2020] The supported validation types are: http-01 , but you specified: dns-01
[Sat Feb 8 14:55:48 CET 2020] Please check log file for more details: /tmp/acme/domain.com/acme_issuecert.log

Command:

/usr/local/pkg/acme/acme.sh --issue -d 'domain.com' --challenge-alias 'myotherdomain.com' --dns 'dns_nsupdate' --home '/tmp/acme/domain.com/' --accountconf '/tmp/acme/domain.com/accountconf.conf' --force --reloadCmd '/tmp/acme/domain.com/reloadcmd.sh' --dnssleep '60' --log-level 3 --log '/tmp/acme/domain.com/acme_issuecert.log'

Does acme.sh remember validation and for how long? How long do we have to wait if we want to switch validation methods?

I would say this is a bug.

Thanks.

Neilpang commented 4 years ago

Upgrade to the latest master version. It should be fixed.

rvaliev commented 4 years ago

I have the same issue when issuing a wildcard certificate:

acme.sh --issue --nginx -d example.com -d '*.example.com'

I also tried to upgrade, but I already have the latest version.

Neilpang commented 4 years ago

A wildcard cert requires the DNS validation method.

The nginx method cannot issue a wildcard cert.
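
A pre-flight check for the rule in the last reply, as an added example that is not part of this thread or of acme.sh: it scans an `acme.sh --issue` argument list and reports every wildcard name that would not be validated with `--dns`. The function name is hypothetical, and the pairing of validation options with `-d` names (the i-th option goes with the i-th name, later names reuse the last option) is an assumption about how acme.sh assigns them.

```shell
#!/bin/sh
# Added example, not acme.sh code. Assumption: the i-th validation option
# pairs with the i-th -d name, and names past the last option reuse it.

# Prints one line per wildcard name lacking DNS validation; status 1 if any.
check_wildcard_validation() (
  set -f                        # keep '*' in names from being glob-expanded
  domains="" methods=""
  while [ $# -gt 0 ]; do
    case "$1" in
      -d|--domain) [ $# -gt 1 ] && { domains="$domains $2"; shift; } ;;
      --dns) methods="$methods dns" ;;
      -w|--webroot) methods="$methods webroot" ;;
      --nginx|--apache|--standalone|--alpn) methods="$methods ${1#--}" ;;
    esac                        # option values and other flags are ignored
    shift
  done
  bad=0 current=""
  for d in $domains; do
    # take the next listed method if one is left, otherwise keep the last
    set -- $methods
    if [ $# -gt 0 ]; then current=$1; shift; methods="$*"; fi
    case "$d" in
      \*.*)
        if [ "$current" != dns ]; then
          echo "${d}: wildcard needs dns-01, got ${current:-none}"
          bad=1
        fi ;;
    esac
  done
  [ "$bad" -eq 0 ]
)

# The command from the thread: the wildcard name inherits --nginx.
check_wildcard_validation --issue --nginx -d example.com -d '*.example.com' ||
  echo "change the wildcard name to --dns before calling acme.sh"
```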