Subdomains for Let's Encrypt

Owad · October 7, 2020, 7:29pm

Is it possible to use the deSEC API to create a certificate for a subdomain? I initially tried setting up acme.sh with:

export DEDYN_TOKEN=mytoken
export DEDYN_NAME=sub.mydomain.com

and running:

acme.sh --issue --dns dns_desec -d sub.mydomain.com

I then tried changing DEDYN_NAME to just the second level domain. I been getting either a 400 or 404 error depending on which setup I try, and I’ve now been rate limited.

peter · October 7, 2020, 7:55pm

Hi Owad,

Thanks for your message, and welcome to deSEC!

It is certainly possible to use the deSEC API to publish the ACME challenge for a subdomain certificate. However, it may be the case that acme.sh is not utilizing our API correctly. I suggest to open an issue in their bug tracker.

Stay secure,
Peter

Owad · October 8, 2020, 12:39am

Is “sub.mydomain.com” the correct format, both for DEDYN_NAME and for the acme.sh’s -d option?

peter · October 8, 2020, 8:22am

HI Owad,

I am not sure, as I am not a user of acme.sh.

Best,
Peter