No Certificates Generated. Let's Encrypt (Catalog version) & Load Balancing

Hello. I have spent three days just trying to get my subdomain.example.com to work using the Let’s Encrypt catalog. It still isn’t working. Here are my steps:

go to the Rancher UI
go to Admin => Settings => Community Catalog
locate the Let’s Encrypt template in the Catalog section of the UI
template version = latest (0.5.0)
stack name = letsencrypt
description = subdomain https
I agree to the …… = yes
API version = production
email address =
certificate name = subdomains
domain names: *.example.com
domain validation method: HTTP
start services after creating? no
click the Launch button at the bottom of the page

go to stacks
select the letsencrypt stack
go to “Add Service” dropdown
click on the dropdown icon
select Add load balancer
select Always run one instance of this container on every host
scale = ensure the number of instances is less than or equal to the number of hosts
name = public-load-balancer
description = public facing web load balancer
port rules
access = Public
protocol = HTTP
request host = *.example.com
port = 80
path = /.well-known/acme-challenge
target = letsencrypt
port = 80
go to the Stacks menu
choose the let’s encrypt stack
press the Start button
wait 5 to 15 minutes

go to Infrastructure
go to Certificates page
refresh the page (if necessary)

But still no Certificates!

Posting the same question at the same time in multiple places (Slack) just makes it harder to follow up with you.

If you’re actually requesting *.<some-domain.com>, LetsEncrypt is adding support for wildcards but it’s not out yet. And it is part of the v2 API so I doubt it would start working without changes to the catalog item once it is out of testing.

Hi,

I will continue the question here. I closed the Slack question. I ran the same steps again, only I changed the domain to subdomain.example.com instead of *.example.com but still no certificates generated…

stacks

  • healthcheck
  • ipsec
  • letsencrypt
  • network-services
  • scheduler

I created the load balancer off the letsencrypt stack. I am not sure if the load balancer needs its own stack?

Hi,

I am going to post the question on Slack since it has been 4 days. Thanks