Wildcard certificate issue time > 1 day?

I’ve been waiting for over a day for a wildcard certificate to issue, is this to be expected? I think I’ve configured everything correctly on my end, the cert check isn’t telling me any other actions.

✔ ~/Sites/mere/app [main|✔]
15:39 $ fly certs list
Host Name                 Added                Status
*.socialeeyes.com         1 day ago            Awaiting certificates
socialeeyes.com           2 days ago           Ready
www.rodeoclash.com        1 day ago            Ready
✔ ~/Sites/mere/app [main|✔]
15:39 $ fly certs check "*.socialeeyes.com"
The certificate for *.socialeeyes.com has not been issued yet.
You are creating a wildcard certificate for *.socialeeyes.com
We are using lets_encrypt for this certificate.

✔ ~/Sites/mere/app [main|✔]
15:39 $

Following this up. I didn’t realise that a UI was available to create certificates. The UI mentions creating an _acme_challenge record which the command line doesn’t. Fingers crossed this fixes things…

Ah! I forgot to reply to this yesterday.

You do need an _acme-challenge.socialeeyes.com entry for a wildcard. It appears to be working now.

The CLI need some UX work for certs. Sorry about the sharp edge there.

1 Like

Yeah it got me. I think I managed to issue the non-wildcard certificates without any trouble but the wildcard version needed the UI to get the acme challenge string. A small update could be to just mention this in the CLI tool.

$ flyctl certs list "*.myapp.com"
Host Name                 Added                Status
*.myapp.com 14 minutes ago       Awaiting certificates

Not sure how much time it takes to get those certificates and configure.

Hi again Anil :slight_smile:

If you do a flyctl certs show "*.myapp.com" and flyctl certs check "*.myapp.com", you should see what’s going on.

EDIT: Do you have a DNS record setup for the _acme-challenge, per Kurt’s comment above?

Hi, I’m running into the same issue here.

I have set up an A record, AAAA record, and CNAME record pointing to Fly DNS for my wildcard subdomain. The certificate is still not issued after an hour.

Would appreciate any help figuring out what to do here. Thanks!


Update: 10min after posting this, the certificates are issued!

1 Like