Hi,
I am facing issue with generating certificates using Let’s Encrypt community services stack based on image janeczku/rancher-letsencrypt. I have to generate certificates for multiple domains with same ending.
Example:
test.example.domain.xyz
test1.example.domain.xyz
test2.example.domain.xyz
So the obvious answer is to use wildcard in certificate generating process like this:
*.example.domain.xyz
I already know that image janeczku/rancher-letsencrypt was updated a year ago and is deprecated so i was searching for something else. I found vxcontrol/rancher-letsencrypt it was updated month ago but it is not working as well with wildcards in domain. I also found out that Certbot ver. 0.22+ is supporting this process but i don’t understated how to implement this with Let’s Encrypt in custom docker image.
Is there a way to create certificates based on domain with wildcard using Let’s Encrypt community service stack ?
Does anyone know maybe other community available stack here on Rancher for such matter?
Is there any other solution for implementing self-renewable certificates for my services here on Rancher ?
There is what I’ve got when i switched images from janeczku/rancher-letsencrypt to vxcontrol/rancher-letsencrypt and typed *.example.domain.xyz in DOMAINS variable before upgrading.
7/19/2018 " level=info msg="Trying to obtain SSL certificate (*.example.domain.xyz) from Let's Encrypt Production CA"
7/19/2018 " level=info msg="[INFO][*.example.domain.xyz] acme: Obtaining bundled SAN certificate"
7/19/2018 " level=info msg="[INFO][*.example.domain.xyz] AuthURL: auth_url"
7/19/2018 " level=info msg="[INFO][example.domain.xyz] acme: Could not find solver for: dns-01"
7/19/2018 " level=error msg="[acme: Error -> One or more domains had a problem:\n[example.domain.xyz] [example.domain.xyz] acme: Could not determine solvers\n] Error obtaining certificate: acme: Error -> One or more domains had a problem:\n[example.domain.xyz] [example.domain.xyz] acme: Could not determine solvers\n"
7/19/2018 " level=info msg="Starting Let's Encrypt Certificate Manager v1.0.0 eb89fad"
7/19/2018 " level=info msg="Using locally stored Let's Encrypt account for my.email@dom.com"
7/19/2018 " level=info msg="Using Let's Encrypt Production API"
7/19/2018 " level=info msg="Using HTTP challenge: Sleeping for 120 seconds before requesting certificate"
7/19/2018 " level=info msg="Make sure that HTTP requests for '/.well-known/acme-challenge' for all certificate domains are forwarded to port 80 of the container running this application"
7/19/2018 " level=info msg="Trying to obtain SSL certificate (*.example.domain.xyz) from Let's Encrypt Production CA"
7/19/2018 " level=info msg="[INFO][*.example.domain.xyz] acme: Obtaining bundled SAN certificate"
7/19/2018 " level=info msg="[INFO][*.example.domain.xyz] AuthURL: auth_url"
7/19/2018 " level=info msg="[INFO][example.domain.xyz] acme: Could not find solver for: dns-01"
7/19/2018 " level=error msg="[acme: Error -> One or more domains had a problem:\n[example.domain.xyz] [example.domain.xyz] acme: Could not determine solvers\n] Error obtaining certificate: acme: Error -> One or more domains had a problem:\n[example.domain.xyz] [example.domain.xyz] acme: Could not determine solvers\n"
For obvious reasons i changed my real wildcarded domain on *.example.domain.xyz here in post.
TIA for every response 