Hello Mark,

I suppose you are using the DNS-01 challenge type since you are trying to get a wildcard certificate?

The ARDC DNS does not propagate in real time (it typically takes about an hour), so that exceeds Let's Encrypt's timeout.
What I usually do is to make the _acme-challenge.YOUR_DOMAIN a CNAME record to a domain under a different nameserver (Cloudflare and HE.net offer free DNS that basically propagates in real time), like _acme-challenge.ampr-dns01-alias.MY_OTHER_DOMAIN. After this, there should be an option in your ACME client to choose an 

Alternatively, you can also delegate the entire ni2o.ampr.org to an external nameserver.

Let me know if you have any problems!

Best,
Maiyun Zhang AK6DS

On Oct 30, 2025, at 08:09, Mark Phillips via 44net <44net@mailman.ampr.org> wrote:

Hi Folks,

I'm having some trouble trying to get Let's Encrypt SSL certificates authorised for use on my WWW devices. The issue seems to be that I do not have control of the TLD and so I can never authorise the issuing of the certificate.

I've tried *.ni2o.ampr.org (generic catch all), fqdn.ni2o.ampr.org (device specific) and many other variations but they all fail at the authorizing of the cert.

What am I doing wrong? I'm using Let's Encrypt (free not-for-profit) SSL certificates successfully in other areas but I do control the domain for those.

Thanks for your help

Mark / G7LTT
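
The CNAME alias approach from the reply above, as an added example that is not part of the original thread: it works out where the DNS-01 TXT record must be published once `_acme-challenge` is aliased, and checks that the target has left the slow zone. The record set is constructed, and `example.net` is an assumed stand-in for MY_OTHER_DOMAIN.

```python
import base64
import hashlib

# Constructed zone data (not real records): owner name -> (type, value).
# example.net stands in for MY_OTHER_DOMAIN on a fast-propagating DNS host.
RECORDS = {
    "_acme-challenge.ni2o.ampr.org.":
        ("CNAME", "_acme-challenge.ampr-dns01-alias.example.net."),
}

def validation_name(identifier):
    """DNS-01 query name for an identifier (RFC 8555 section 8.4).
    A wildcard is validated at its base name, so the '*.' label is dropped."""
    name = identifier.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return "_acme-challenge." + name + "."

def txt_target(identifier, records, max_hops=8):
    """Follow CNAMEs from the validation name, as the CA's resolver does,
    and return the name where the TXT record has to be published."""
    name = validation_name(identifier)
    seen = set()
    while name in records and records[name][0] == "CNAME":
        if name in seen or len(seen) >= max_hops:
            raise ValueError("CNAME loop or chain too long at " + name)
        seen.add(name)
        name = records[name][1].lower()
    return name

def in_zone(name, zone):
    """True if name is at or below zone (both compared as absolute names)."""
    zone = zone.lower().rstrip(".") + "."
    return name == zone or name.endswith("." + zone)

def txt_value(key_authorization):
    """TXT content: unpadded base64url of SHA-256(key authorization)."""
    digest = hashlib.sha256(key_authorization.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

if __name__ == "__main__":
    for ident in ("*.ni2o.ampr.org", "fqdn.ni2o.ampr.org"):
        target = txt_target(ident, RECORDS)
        state = "still in ampr.org" if in_zone(target, "ampr.org") else "aliased out"
        print(ident, "->", target, "(" + state + ")")
```

A single alias at `_acme-challenge.ni2o.ampr.org` covers the wildcard and the bare name only; each device-specific name such as `fqdn.ni2o.ampr.org` is validated at its own `_acme-challenge` label and needs its own CNAME.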