Hello Mark,
I suppose you are using the DNS-01 challenge type since you are trying to get a wildcard
certificate?
The ARDC DNS does not propagate in real time (it typically takes about an hour), so that
exceeds Let's Encrypt's timeout.
What I usually do is to make the _acme-challenge.YOUR_DOMAIN a CNAME record to a domain
under a different nameserver (Cloudflare and HE.net <http://he.net/> offer free DNS that
basically propagates in real time), like _acme-challenge.ampr-dns01-alias.MY_OTHER_DOMAIN.
After this, there should be an option in your ACME client to choose an
Alternatively, you can also delegate the entire ni2o.ampr.org <http://ni2o.ampr.org/> to
an external nameserver.
Let me know if you have any problems!
Best,
Maiyun Zhang AK6DS
On Oct 30, 2025, at 08:09, Mark Phillips via 44net
<44net(a)mailman.ampr.org> wrote:
Hi Folks,
I'm having some trouble trying to get Let's Encrypt SSL certificates authorised for use
on my WWW devices. The issue seems to be that I do not have control of the TLD and so I
can never authorise the issuing of the certificate.
I've tried *.ni2o.ampr.org <http://ni2o.ampr.org/> (generic catch all),
fqdn.ni2o.ampr.org <http://fqdn.ni2o.ampr.org/> (device specific) and many other
variations but they all fail at the authorizing of the cert.
What am I doing wrong? I'm using Let's Encrypt (free not-for-profit) SSL certificates
successfully in other areas but I do control the domain for those.
Thanks for your help
Mark / G7LTT
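
The CNAME approach from the reply above, as an added example that is not part of either message: it works out which name a DNS-01 check looks up for a given certificate name and follows the CNAME chain to the name where the TXT record has to exist. The records and token are constructed, and example.net stands in for MY_OTHER_DOMAIN.

```python
"""Where does a DNS-01 lookup land once _acme-challenge is a CNAME? (added example)"""

# Constructed records. example.net stands in for MY_OTHER_DOMAIN (an assumption),
# and the TXT value is a made-up token, not a real ACME key authorization digest.
RECORDS = {
    ("_acme-challenge.ni2o.ampr.org", "CNAME"):
        ["_acme-challenge.ampr-dns01-alias.example.net"],
    ("_acme-challenge.ampr-dns01-alias.example.net", "TXT"):
        ["constructed-token-value"],
}


def challenge_name(identifier):
    """DNS-01 validation name; a wildcard is validated at its base domain."""
    name = identifier.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return "_acme-challenge." + name


def resolve_challenge(identifier, records, max_hops=8):
    """Follow CNAMEs; return (final_name, txt_values, chain) or raise ValueError."""
    name = challenge_name(identifier)
    chain = [name]
    for _ in range(max_hops):
        target = records.get((name, "CNAME"))
        if not target:
            return name, records.get((name, "TXT"), []), chain
        name = target[0].lower().rstrip(".")
        if name in chain:
            raise ValueError("CNAME loop at " + name)
        chain.append(name)
    raise ValueError("more than %d CNAME hops" % max_hops)


def check_delegation(identifier, records, expected_token):
    """Report whether the expected TXT value sits at the end of the chain."""
    final, txt, _ = resolve_challenge(identifier, records)
    if not txt:
        return "missing TXT at " + final
    return "ok" if expected_token in txt else "mismatch at " + final


if __name__ == "__main__":
    for ident in ("*.ni2o.ampr.org", "fqdn.ni2o.ampr.org"):
        print(ident, "->", check_delegation(ident, RECORDS, "constructed-token-value"))
```

Anyone who can write TXT records at the alias name can pass validation for the original name, so the DNS API credential given to the ACME client is best scoped to that alias zone alone.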