Option to continue fetching certificate if some alternative names don't work #507

Closed
opened 2025-12-29 01:26:27 +01:00 by adam · 1 comment
Originally created by @thegushi on GitHub (Nov 25, 2020).

Hey there

It would be useful to have an option to continue fetching a certificate if not all alternative names work. Sometimes multiple domains point to a single vhost, and if one of them expires it would be good to still get a cert for the remaining, valid, names.

For this purpose, I would typically use a challenge which will always pass as the "main" domain name.

From the looks of the way dehydrated works, this would probably require restarting the issuance process for a given cert, only for alternatives which have passed the challenges.

My specific use case is that when I give a person a domain name to use, I want to be able to fire up lets-encrypt with something, even if their domain name is not pointing at my server yet, so I create a private name (like theirtempsite.myhostingco.com).

adam closed this issue 2025-12-29 01:26:27 +01:00

@lukas2511 commented on GitHub (Dec 10, 2020):

This will not really work. The signing request is generated before any validation starts. If any domain is not validated the certificate order will fail completely.

Reference: starred/dehydrated#507