-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wildcard domains on Heroku break renewal without an ACME_DOMAIN variable #39
Comments
Also breaks the 'live' check, where the code picks the first domain from the |
I also ran into this problem. Possible solution to this could be to fix this line to select a hostname that isn't a wildcard instead of the first one? https://github.com/pixielabs/letsencrypt-rails-heroku/blob/master/lib/tasks/letsencrypt.rake#L56 |
@kaspernj yup, you're absolutely right! :) |
@jalada Would you like me to submit a PR or would you prefer to do it yourself? :-) |
@kaspernj PRs are always welcome ⭐ |
@jalada Done :-) |
Afaict #45 doesn't resolve this since Let's Encrypt doesn't support wildcard certs. Maybe it'd be good to have a default behavior of filtering the list of domains for non-wildcard domains? |
@mrdomino It fixed the problem for me. I had a configuration with several configured normal domains and a wildcard domain (like in the example in this issue). For some reason the wild card domain was always chosen by letsencrypt-rails-heroku to make the connection test against. Since the wildcard domain isn't a valid hostname the lookup failed and my certificate wasn't installed correctly. After using the fix in #45 it worked correctly for me. |
Interesting. What domains does the resulting cert say it supports? |
@mrdomino All the ones defined in Original code to choose domain: New code to choose domain that isn't a wildcard: |
Oh, I see, okay.
…On Sun, Mar 5, 2017, 11:29 Kasper Johansen ***@***.***> wrote:
@mrdomino <https://github.com/mrdomino> All the ones defined in
ACME_DOMAIN. The only difference the change makes, is that instead of
taking the first domain in the configured domains on the Heroku app (not
ACME_DOMAIN) it takes on of the configured domains *that isn't a wildcard
domain*.
Original code to choose domain:
https://github.com/pixielabs/letsencrypt-rails-heroku/pull/45/files#diff-5afd887c0f3237cdd9f1f479de04e71cL56
New code to choose domain *that isn't a wildcard*:
https://github.com/pixielabs/letsencrypt-rails-heroku/pull/45/files#diff-5afd887c0f3237cdd9f1f479de04e71cR62
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#39 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AABZ63ojVa2pwNieKxpzvuylLKakyp7nks5riuL0gaJpZM4MJrB9>
.
|
Workaround is to continue to set the
ACME_DOMAIN
variable.The text was updated successfully, but these errors were encountered: