Hi
Since 2018 we've been manually renewing our wildcard cert for fusionpbx using Let's Encrypt. Following this guide: https://docs.fusionpbx.com/en/latest/getting_started/lets_encrypt.html?highlight=ssl#wildcard
Yesterday the cert expired and I renewed it but suddenly I only got 1 challenge instead of the usual two.
After closer inspection I've noticed that the alternative name was removed from the cert.
So
a.voip-fusion.com
b.voip-fusion.com
c.voip-fusion.com
you get the point...
Still works
But the main domain "voip-fusion.com" domain gives a cert expired error.
I've looked at the code and I have no idea why, it still seems fine:
Maybe Let's Encrypt changed something? Maybe something that Dehydrated changed?
Anyone able to help on how to get the Alternative Name back into the wildcard cert using the ./letsencrypt.sh script.
Since 2018 we've been manually renewing our wildcard cert for fusionpbx using Let's Encrypt. Following this guide: https://docs.fusionpbx.com/en/latest/getting_started/lets_encrypt.html?highlight=ssl#wildcard
Yesterday the cert expired and I renewed it but suddenly I only got 1 challenge instead of the usual two.
After closer inspection I've noticed that the alternative name was removed from the cert.
So
a.voip-fusion.com
b.voip-fusion.com
c.voip-fusion.com
you get the point...
Still works
But the main domain "voip-fusion.com" domain gives a cert expired error.
I've looked at the code and I have no idea why, it still seems fine:
Bash:
#request the certificates
if [ .$wildcard_domain = ."true" ]; then
./dehydrated --cron --domain *.$domain_name --preferred-chain "ISRG Root X1" --algo rsa --alias $domain_alias --config /etc/dehydrated/config --out /etc/dehydrated/certs --challenge dns-01 --hook /etc/dehydrated/hook.sh
fi
Maybe Let's Encrypt changed something? Maybe something that Dehydrated changed?
Anyone able to help on how to get the Alternative Name back into the wildcard cert using the ./letsencrypt.sh script.