Wildcard Let's Encrypt certificates
Information
Summary: |
This article discusses the possibility of using wildcard Let's Encrypt certificates. |
Environment: |
Product: LoadMaster Version: Any Platform: Any Application: Any |
Question/Problem Description: |
When trying to add an LE wildcard cert to VS, a pop-up error "ACME CA does not support http-01 challenge type for domain validation" occurs. Logs show "Acme - - [meta sequenceId="10833"] Valid challenge type not supported for domain (code: 11)". |
Steps to Reproduce: | |
Error Message: |
ACME CA does not support http-01 challenge type for domain validation Acme - - [meta sequenceId="10833"] Valid challenge type not supported for domain (code: 11) |
Defect Number: | |
Enhancement Number: | |
Cause: | This happens when attempting to add *.domain.com as the common name for Let's Encrypt Certificates. |
Resolution: | This is not currently possible. |
Workaround: |
The workaround to be add a Let's Encrypt Certificate for each hostname and associate it with the Virtual Service as needed. Alternatively, Subject Alternative Names can be associated with a Let's Encrypt certificate. https://support.kemptechnologies.com/hc/en-us/articles/6600408705165-Let-s-Encrypt |
Notes: |