Wildcard certificate issue time > 1 day?

sam · October 13, 2021, 4:43am

I’ve been waiting for over a day for a wildcard certificate to issue, is this to be expected? I think I’ve configured everything correctly on my end, the cert check isn’t telling me any other actions.

✔ ~/Sites/mere/app [main|✔]
15:39 $ fly certs list
Host Name                 Added                Status
*.socialeeyes.com         1 day ago            Awaiting certificates
socialeeyes.com           2 days ago           Ready
www.rodeoclash.com        1 day ago            Ready
✔ ~/Sites/mere/app [main|✔]
15:39 $ fly certs check "*.socialeeyes.com"
The certificate for *.socialeeyes.com has not been issued yet.
You are creating a wildcard certificate for *.socialeeyes.com
We are using lets_encrypt for this certificate.

✔ ~/Sites/mere/app [main|✔]
15:39 $

sam · October 14, 2021, 3:04am

Following this up. I didn’t realise that a UI was available to create certificates. The UI mentions creating an _acme_challenge record which the command line doesn’t. Fingers crossed this fixes things…

kurt · October 14, 2021, 6:10pm

Ah! I forgot to reply to this yesterday.

You do need an _acme-challenge.socialeeyes.com entry for a wildcard. It appears to be working now.

The CLI need some UX work for certs. Sorry about the sharp edge there.

sam · October 18, 2021, 8:44pm

Yeah it got me. I think I managed to issue the non-wildcard certificates without any trouble but the wildcard version needed the UI to get the acme challenge string. A small update could be to just mention this in the CLI tool.

Anil_Wadghule · January 12, 2022, 1:55pm

$ flyctl certs list "*.myapp.com"
Host Name                 Added                Status
*.myapp.com 14 minutes ago       Awaiting certificates

Not sure how much time it takes to get those certificates and configure.

FrequentFlyer · January 12, 2022, 2:22pm

Hi again Anil

If you do a flyctl certs show "*.myapp.com" and flyctl certs check "*.myapp.com", you should see what’s going on.

EDIT: Do you have a DNS record setup for the _acme-challenge, per Kurt’s comment above?

alexluong · May 28, 2022, 5:11pm

Hi, I’m running into the same issue here.

I have set up an A record, AAAA record, and CNAME record pointing to Fly DNS for my wildcard subdomain. The certificate is still not issued after an hour.

Would appreciate any help figuring out what to do here. Thanks!

Update: 10min after posting this, the certificates are issued!

Topic		Replies	Views
Stuck on “Awaiting certificates” for wildcard domain	7	448	February 17, 2022
Wildcard Certificate Questions / Help	4	452	July 18, 2022
Wildcard cert taking a long time to generate (SOLVED) Questions / Help	3	416	March 28, 2022
Certificate issuance taking a long time	13	755	August 3, 2021
Wildcard *.mydomain.com certificate stuck in `Awaiting certificates` mode after remove/add	2	243	July 31, 2023

Wildcard certificate issue time > 1 day?

Related Topics