primal/traefik
1
0
Fork 0
mirror of https://github.com/traefik/traefik synced 2026-02-10 19:18:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update Wildcard Domain documentation

Browse Source
This commit is contained in:
Brandon McNama
2019-04-01 11:42:04 -04:00
committed by Traefiker Bot
parent 86d700c845
commit ba44619828
1 changed files with 0 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/configuration/acme.md
-1
View File
@@ -394,7 +394,6 @@ As described in [Let's Encrypt's post](https://community.letsencrypt.org/t/stagi
```
It is not possible to request a double wildcard certificate for a domain (for example `*.*.local.com`).
Due to ACME limitation it is not possible to define wildcards in SANs (alternative domains). Thus, the wildcard domain has to be defined as a main domain.
Most likely the root domain should receive a certificate too, so it needs to be specified as SAN and 2 `DNS-01` challenges are executed.
In this case the generated DNS TXT record for both domains is the same.
Even though this behaviour is [DNS RFC](https://community.letsencrypt.org/t/wildcard-issuance-two-txt-records-for-the-same-name/54528/2) compliant, it can lead to problems as all DNS providers keep DNS records cached for a certain time (TTL) and this TTL can be superior to the challenge timeout making the `DNS-01` challenge fail.