ZeroSSL hostname cert generation fails, because it needs to different domains for domain and alt-domain

Open Linutux opened this issue 1 year ago • 1 comments

Summary

I switched from LetsEncrypt to ZeroSSL. Suddenly acme.sh could not renew my hostname cert, because of two matching domains in /root/acme.sh/web1.example.de/web1.example.de.conf:

Le_Domain='web1.example.de'
Le_Alt='web1.example.de'

When you try to manually issue "/root/acme.sh/acme.sh --renew --domain web1.example.de --force", you get Create new order error. Le_OrderFinalize not found. {"type":"urn:ietf:params:acme:error:rejectedIdentifier","status":400,"detail":"One or more identifiers are duplicated"}

Solution

Change

Le_Domain='web1.example.de'
Le_Alt='web1.example.de'

Le_Domain='web1.example.de'
Le_Alt='www.web1.example.de'

in /root/acme.sh/web1.example.de/web1.example.de.conf

Also add the corresponding DNS entry fpr www.web1.example.de

Apr 25 '23 02:04 Linutux

I guess someone entered the same domain in the "domain aliases for froxlor vhost" setting

Apr 25 '23 06:04 d00p

Froxlor Froxlor copied to clipboard

ZeroSSL hostname cert generation fails, because it needs to different domains for domain and alt-domain

Summary

Solution

Froxlor
Froxlor copied to clipboard