Closed sachz19 closed 4 months ago
You made a mistake in override (you can't ask for both *.domain.com and plex.domain.com because the wildcard already covers plex.domain.com). Unless you know why you are using the override, do not use it (leave it blank) and Cosmos will automatically use the right domains for your setup based on your proxy settings
I think you misread in the override the only entries were the wildcard and root domain entries (xxx.xxx,*.xxx.xxx), not subdomain entries I resolved the issue by temporarily changing to the cosmos root domain for the affected proxy URL's, renew cert with the same configuration, and change them back without error...
Hmm maybe something did not save right away or something, I'll investigate thanks
Hi,
Just tested adding another subdomain (ombi.xxx.xxx) where the default domain for cosmos is (yyy.yyy) but in the wilcard config I added xxx.xxx,*.xxx.xxx, no specific sub domain and now I receive the same error.
Just retried to be sure... I changed the overwrite to xxx.xxx,*.xxx.xxx as well, and I have a bunch of URL in the proxy and did not get an error from it. Unless I misunderstood your post? What is being the black thing you hid btw, kind need this info (without your actual domain ofc)
The subdomain linked to a proxy url.So my root domain: example.comCosmos domain: cosmos.sfs-it.beProxy url: plex.other.comWildcard field: example.com,.example.com,other.com,.other.comThen add a proxy url radarr.other.comThen the error occurs. On 23 Feb 2024, at 12:16, Yann S. @.**> wrote: image.png (view on web) image.png (view on web) Just retried to be sure... I changed the overwrite to xxx.xxx,.xxx.xxx as well, and I have a bunch of URL in the proxy and did not get an error from it. Unless I misunderstood your post? What is being the black thing you hid btw, kind need this info (without your actual domain ofc)
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>
ok that's the info I was missing, you were trying to wildcard multiple domains. Using HTTPS, you cannot do that. That is why Cosmos is not even trying to properly create the request. You can request a single wildcard, and additional domains as non-wildcard but not multiple wildcard.
Aah oke I understand!Is it something that will be added in the future to be able to use multipke wildcard certificates?If not I’m able to request the certs on my firewall (multiple wildcards in 1 cert) and push to the correct location on the cosmos vm to use it.Is that an allowed usecase?On 23 Feb 2024, at 13:53, Yann S. @.***> wrote: ok that's the info I was missing, you were trying to wildcard multiple domains. Using HTTPS, you cannot do that. That is why Cosmos is not even trying to properly create the request. You can request a single wildcard, and additional domains as non-wildcard but not multiple wildcard.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>
Yes until I bake in support for this kind of support you can use another system (like Certbot itself) to generate the cert, and past it in the config file at /var/lib/cosmos
What happened?
At initial setup I used subdomain specific certificates for the different servapps and proxy urls. When now changing the Letsencrypt config to wildcard, and adding an extra wildcard for the other domains I have, I get the following error: Error creating new order :: Domain name "xx.xx.xxx" is redundant with a wildcard domain in the same request. Remove one or the other from the certificate request. so basically plex.example.com and wildcard for example.com (example.com is the entry in the override option not the default root domain)
What should have happened?
Cosmos should automatically remove the subdomain specific entries in the renewal and apply the newly requested wildcard certificate.
How to reproduce the bug?
Relevant log output
Other details
No response
System details