Letsencrypt have started the wildcard support


Letsencrypt have started the wild card support https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579
Will be excited to see it YunoHost.


Do you know if it possible?
I would like to redirect my bog.mondomain.fr on Gitlab pages
The redirection is effective but on http not on https . So I would like to add a certificat for blog.mondomain.fr

Any idea?

Thank you

Uh but what does it has to do with wildcards for certificates ? é_è

Do we talk about a single certificate for all subdomains *.mondomain.fr , instead of generate a certificate by subdomains?

AM I wrong?


You just have to do : :smile:
$ yunohost domain cert-install blog.mondomain.fr

I test it:

$ yunohost domain cert-install blog..fr
Error: Unknown domain blog..fr

May be is due to my blog is not an app from yunohost, I just want to host my certificate but the blog is on gitlab-pages and an DNS entry do the bind

How do blog.mondomain.fr redirects to the gitlab-pages?

modifying DNS entry: https://docs.gitlab.com/ee//user/project/pages/getting_started_part_three.html#doc-nav
Thats done for me but not without certificate

Better way is to register blog.mondomain.fr on yunohost. Install letsencrypt for it.
Go to /etc/nginx/conf.d/blog.mondomain.fr.d and make a file redirect.conf.
configure the domain setting to redirect to the gitlab-pages.

location / {

    return 301 $scheme://gitlab-pages$request_uri;

1 Like

In my case the redirection is not made by yunohost is made by the DNS entry. No need to manually change NGinx (better :slight_smile: )
I was wondering if it was possible to manage the subdomain certificate with yunohost and then copy/paste the key/cert

I don’t think it would be possible to have certificate without having a domain on Yunohost.
Maybe @Aleks can help you out on this. This thread was started because to have wildcard certificate which would help need of having different certificates for sub domains.

And more : create a subdomain create all configuration for mail webmail etc… that I don’t need

Thank you for your answer and time :+1:

About wildcards certificates :

as (I think) answered in another similar thread, imho this is really not a priority for Yunohost since the general use case is to have a handful (let’s say ~10 max ?) domains and the existing certificate system is fine. Supporting wildcards certificates would make everything much more complicated from the technical point of view and only save clicks for the few people with 10+ subdomains.

Now about @Jean31’s question : no there’s no mechanism in YunoHost allowing you generate a certificate for a domain which is not configured in YunoHost :confused:

Btw: WildCard LE cert is not possible with ACME_Tiny (python scripts used by Yunohost). Please see discussion and the decision of the project : https://github.com/diafygi/acme-tiny/issues/199

1 Like