mail-in-a-box / mailinabox

Mail-in-a-Box helps individuals take back control of their email by defining a one-click, easy-to-deploy SMTP+everything else server: a mail server in a box.
https://mailinabox.email/
Creative Commons Zero v1.0 Universal

Limit Lets encrypt to subdomain #872

Open kingwill101 opened 8 years ago

kingwill101 commented 8 years ago

Hey, I'm having an issue where I only want to use Let's Encrypt for my subdomain running Mail-in-a-Box, but somehow it's incorporating my main domain. So I only want TLS on sub.somedomain.com and not somedomain.com.

How do I go about changing that?

IMcPwn commented 8 years ago

A certificate won't be generated for your main domain if you point it somewhere else. If you point the A record to another domain under System > Custom DNS you'll see:

The domain's website is hosted elsewhere.

back on the System > TLS (SSL) Certificates page.

kirrus commented 8 years ago

The system complains about not being able to generate certs for the domains on SSL renewal still.

cmsirbu commented 8 years ago

I'll add to this that the messages are a bit inconsistent. It shouldn't be an error when the main domain (not the box itself) is hosted elsewhere - but right now at cert renewal time we get an email like this:

```
Subject: [box.domain.tld] Error Provisioning TLS Certificate

 * Stopping Postfix Mail Transport Agent postfix
   ...done.
 * Starting Postfix Mail Transport Agent postfix
   ...done.
dovecot stop/waiting
dovecot start/running, process 10180
 * Reloading nginx configuration nginx
   ...done.
A TLS certificate was successfully installed for box.domain.tld.
TLS certificates could not be provisoned for:
domain.tld: Domain control validation cannot be performed for this domain because DNS points the domain to another machine (A 1.2.3.4).
www.domain.tld: Domain control validation cannot be performed for this domain because DNS points the domain to another machine (A 1.2.3.4).
```

If you read the log it shows that renewal for the box certificate is actually successful. I think it should silently (or with a simple message) skip the renewal process altogether for the non-hosted domains.
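One way to model the triage cmsirbu describes, as an added example that is not Mail-in-a-Box's own code: domains whose A record points away from the box are skipped before any ACME attempt, and the notification subject says "Error" only when a domain the box actually serves fails. The box IP, the A-record table, and the resolver and provisioner stand-ins are constructed assumptions.

```python
import ipaddress

# Constructed sample data (assumptions, not taken from Mail-in-a-Box):
# the box's own public IP and the DNS A answers for each domain it handles.
BOX_IP = "203.0.113.10"
SAMPLE_A_RECORDS = {
    "box.domain.tld": ["203.0.113.10"],
    "domain.tld": ["1.2.3.4"],
    "www.domain.tld": ["1.2.3.4"],
}

def sample_resolver(domain):
    """Stand-in for a DNS lookup; returns A records from the constructed table."""
    return SAMPLE_A_RECORDS.get(domain, [])

def fake_provision(domain):
    """Stand-in for the ACME client: succeeds for every domain in this sample."""
    return True, "issued"

def hosted_here(a_records, box_ip):
    """True when at least one A record is the box's own address."""
    box = ipaddress.ip_address(box_ip)
    return any(ipaddress.ip_address(a) == box for a in a_records)

def provision_all(domains, resolver, provision, box_ip=BOX_IP):
    """Split domains into installed / skipped / failed.

    Domains whose A record points elsewhere are skipped up front, since
    HTTP domain-control validation could never reach this box for them.
    Only a failure on a domain this box actually serves is an error.
    """
    installed, skipped, failed = [], [], []
    for domain in domains:
        records = resolver(domain)
        if not hosted_here(records, box_ip):
            where = records[0] if records else "no A record"
            skipped.append((domain, f"DNS points the domain to another machine (A {where})"))
            continue
        ok, detail = provision(domain)
        (installed if ok else failed).append((domain, detail))
    return installed, skipped, failed

def notification(hostname, installed, skipped, failed):
    """Build the admin mail; the subject carries 'Error' only on a real failure."""
    status = "Error Provisioning" if failed else "Provisioned"
    lines = [f"Subject: [{hostname}] {status} TLS Certificate"]
    lines += [f"A TLS certificate was successfully installed for {d}." for d, _ in installed]
    lines += [f"{d}: {why}" for d, why in failed]
    if skipped:
        lines.append("Skipped (hosted elsewhere): " + ", ".join(d for d, _ in skipped))
    return "\n".join(lines)
```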