GreenLock asking for a wildcard cert #16

New Issue

Open

opened 2020-03-02 20:09:17 +00:00 by Ghost · 1 comment

Ghost commented 2020-03-02 20:09:17 +00:00

Copy Link

A user reported the MeshCentral could not get a Let's Encrypt certificate and sent over the logs here: https://github.com/Ylianst/MeshCentral/issues/986.

Something of note is that he is requesting a single "remote.xxxxxxxxxxxxxxx.pl" name, but the request fails with:

{"context":"cert_issue","subject":"remote.xxxxxxxxxxxxxxx.pl","altnames":["*.xxxxxxxxxxxxxxx.pl","remote.xxxxxxxxxxxxxxx.pl"]}

Notice the wildcard name was added and I don't want it added. Looking at "GreenLock.js" the "_single" method figures out the wildcard name for any name with 2 dots of more. The manager.js then seems to add it as an altname.

Looking for guidance on how to not have the wildcard name be added to the altnames. Thanks.

A user reported the MeshCentral could not get a Let's Encrypt certificate and sent over the logs here: https://github.com/Ylianst/MeshCentral/issues/986. Something of note is that he is requesting a single "remote.xxxxxxxxxxxxxxx.pl" name, but the request fails with: {"context":"cert_issue","subject":"remote.xxxxxxxxxxxxxxx.pl","altnames":["*.xxxxxxxxxxxxxxx.pl","remote.xxxxxxxxxxxxxxx.pl"]} Notice the wildcard name was added and I don't want it added. Looking at "GreenLock.js" the "_single" method figures out the wildcard name for any name with 2 dots of more. The manager.js then seems to add it as an altname. Looking for guidance on how to not have the wildcard name be added to the altnames. Thanks.

coolaj86 commented 2020-03-05 05:52:54 +00:00

Owner

Copy Link

My guess is that you have something misconfigured. The default behavior is NOT to use wildcards.

Try the example in the Greenlock Express README.md and make a few small changes until you get to where you'd like to be.

My guess is that you have something misconfigured. The default behavior is NOT to use wildcards. Try the example in the Greenlock Express README.md and make a few small changes until you get to where you'd like to be.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

fix-v2-bump-deps

v2

github

next

v4

npm

v3

wip

dns-challenge-regression-fix

v2.4

v2.5

v2.3

v2.2

acmev2

v2.1

greenlock

v1

node-letsencrypt-python

v2.8.9

v4.0.5

v4.0.4

v4.0.3

v4.0.2

v4.0.1

v4.0.0

v3.1.5

v3.1.4

v3.1.3

v3.0.25

v3.0.24

v3.0.23

v3.0.21

v3.0.20

v3.0.19

v3.0.18

v3.0.17

v3.0.16

v3.0.15

v3.0.12

v3.0.11

v3.0.10

v3.0.9

v3.0.7

v3.0.6

v3.0.5

v3.0.4

v3.0.3

v3.0.2

v3.0.1

v2.8.8

v2.8.7

v2.8.6

v2.8.5

v2.8.4

v2.8.3

v2.8.2

v2.8.1

v2.8.0

v2.7.23

v2.7.22

v2.7.21

v2.7.20

v2.7.19

v2.7.18

v2.7.17

v2.7.16

v2.7.15

v2.7.14

v2.7.13

v2.7.12

v2.7.11

v2.7.10

v2.7.9

v2.7.8

v2.7.7

v2.7.6

v2.7.5

v2.7.4

v2.7.3

v2.7.2

v2.7.1

v2.7.0

v2.6.10

v2.6.9

v2.6.8

v2.6.7

v2.6.6

v2.6.5

v2.6.4

v2.6.3

v2.6.2

v2.6.1

v2.6.0

v2.5.0

v2.4.10

v2.4.9

v2.4.8

v2.4.7

v2.4.2

v2.4.1

v2.4.0

v2.3.13

v2.3.12

v2.3.11

v2.3.10

v2.3.9

v2.3.8

v2.3.7

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.20

v2.2.19

v2.2.17

v2.2.18

v2.2.16

v2.2.15

v2.2.14

v2.2.13

v2.2.12

v2.2.11

v2.2.10

v2.2.8

v2.2.7

v2.2.6

v2.2.5

v2.2.4

v2.2.3

v2.2.2

v2.2.0

v2.1.19

v2.1.18

v2.1.17

v2.1.16

v2.1.15

v2.1.14

v2.1.13

v2.1.12

v2.1.11

v2.1.10

v2.1.9

v2.1.7

v2.1.6

v2.1.5

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0

v1.5.8

v2.0.5

v2.0.4

v1.5.7

v1.5.6

v1.5.5

v2.0.3

v2.0.2

v2.0.1

v2.0.0

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.3.0

v1.2.0

v1.1.0

v1.0.2

v1.0.0

v1.0.1

Labels

Clear labels

No items

No Label

Milestone

Clear milestone

No items

No Milestone

Assignees

Clear assignees

No Assignees

2 Participants

Notifications

Subscribe

Due Date

The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: root/greenlock.js#16

No description provided.