nginx-proxy / acme-companion

Automated ACME SSL certificate generation for nginx-proxy
MIT License

How to generate a wildcard certificate? #871

Closed FractalMind closed 3 years ago

FractalMind commented 3 years ago

There was a huge amount of post talking about how it's not possible to generate wildcard certificates with "simp_le" but "acme2" is out for a while now and there's no clear documentation on how to generate wildcard certificates.

I tried

LETSENCRYPT_HOST=*.web.mydomain.com
VIRTUAL_HOST=*.web.mydomain.com

But no luck it won't generate any wildcard certificate.

Any idea?

polarathene commented 3 years ago

acme-companion uses acme.sh to provision certificates. Issuing wildcard certificates requires a DNS challenge, which AFAIK acme-companion does not presently support (acme.sh does, just there is no integration to use that yet).

FractalMind commented 3 years ago

acme-companion uses acme.sh to provision certificates. Issuing wildcard certificates requires a DNS challenge, which AFAIK acme-companion does not presently support (acme.sh does, just there is no integration to use that yet).

Thank you for the quick answer. That's a shame. Probably way more simple to buy a 1-3 years SSL instead of manually generating one every 2 months :/

polarathene commented 3 years ago

Thank you for the quick answer.

Welcome!

That's a shame.

I think it wouldn't be too difficult to add actually. I had a look over the acme-companion code, and it looks like you could probably get away with a bit of copy/paste + bit of shell script conditionals for the --webroot part to enable DNS challenge via ENV like is supported for other containers.

If I can find the time to spare, I may try to contribute the feature, but I wouldn't expect anything soon :sweat_smile:

Probably way more simple to buy a 1-3 years SSL instead of manually generate one every 2 months :/

I don't use acme-companion myself. I use Caddy which is pretty nice, although their DNS challenge support requires a custom download via their web UI, or a custom build command if you prefer.

Pretty sure there are other options out there for letsencrypt cert automation if you just want to provision the certificate and not have integration with nginx-proxy like acme-companion offers.
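A sketch of the shell conditional polarathene describes above, written as an added example rather than acme-companion's own code: the `ACME_DNS_API` variable and the `build_acme_args` helper are hypothetical, while `--webroot`, `--dns` and the `dns_cf` provider name are acme.sh's real options. It shows why a bare `LETSENCRYPT_HOST=*.web.mydomain.com` cannot work with the HTTP-01 (webroot) challenge and refuses such a request instead of silently failing.

```shell
#!/bin/sh
# Constructed example: build the argument list for `acme.sh --issue` for one
# host entry, picking the challenge type from a hypothetical ACME_DNS_API
# variable. A wildcard name (*.example.com) can only be validated with the
# DNS-01 challenge, so it is rejected when no DNS provider is configured.

# Usage: build_acme_args <domain> <webroot-dir> [dns-api]
# Prints the acme.sh arguments on stdout, or returns 1 with a message on
# stderr when the request cannot succeed with the given settings.
build_acme_args() {
    domain=$1
    webroot=$2
    dns_api=$3

    case "$domain" in
        '*.'*)
            # Wildcard: HTTP-01 cannot prove control of every subdomain,
            # so a DNS API (e.g. dns_cf for Cloudflare) is mandatory.
            if [ -z "$dns_api" ]; then
                echo "wildcard $domain needs a DNS challenge; set ACME_DNS_API" >&2
                return 1
            fi
            printf '%s' "--issue --dns $dns_api -d $domain"
            ;;
        *)
            # Plain hostname: DNS-01 if a provider is configured, else the
            # webroot (HTTP-01) flow acme-companion already uses.
            if [ -n "$dns_api" ]; then
                printf '%s' "--issue --dns $dns_api -d $domain"
            else
                printf '%s' "--issue --webroot $webroot -d $domain"
            fi
            ;;
    esac
}

# Example call wired to the hypothetical environment variable:
# build_acme_args "$LETSENCRYPT_HOST" /usr/share/nginx/html "$ACME_DNS_API"
```

Running it with the issue author's value and no DNS API returns 1 with an explanatory message, which is the check the current webroot-only flow lacks.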