Unable to create certificates for wildcard domains

What is the name of the domain?
veryown.in

What is the error message?
while attempting to find Zones for domain _acme-challenge.veryown.in. while querying the Cloudflare API for GET “/zones?name=_acme-challenge.veryown.in” Error: 9109: Max auth failures reached, please check your Authorization header.

What is the issue you’re encountering
I trying to create a certificate using cloudflare, cert manager, letsencrypt on my kubernetes cluster. but anytime i create trying to create the certificate for a wildcard domain it returns an error as mentioned. It works properly if i use “veryown.in” but fails for “*.veryown.in”

What steps have you taken to resolve the issue?
Created multiple tokens with recommended settings.

Cloudfare configuration -
zones - All zones - DNS:Read, DNS:Edit
Records - veryown.in, .veryown.in

What feature, service or problem is this related to?
DNS records

What are the steps to reproduce the issue?
In kubernetes,

create a ClusterIssuer and a cert-manager object

apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: email: adhirajkkinlekar@gmail.com server: https://acme-v02.api.letsencrypt.org/directory # Use the production Let’s Encrypt server privateKeySecretRef: name: letsencrypt-prod solvers: - dns01: cloudflare: apiTokenSecretRef: name: cloudflare-api-token-secret key: api-token selector: dnsZones: - veryown.in
apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: name: letsencrypt-prod spec: acme: email: adhirajkkinlekar@gmail.com server: https://acme-v02.api.letsencrypt.org/directory # Use the production Let’s Encrypt server privateKeySecretRef: name: letsencrypt-prod solvers: - dns01: cloudflare: apiTokenSecretRef: name: cloudflare-api-token-secret key: api-token selector: dnsZones: - veryown.in

```
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: veryown-in-tls
namespace: default
spec:
secretName: veryown-in # Specifies where the certificate must be stored after it is obtained by the cert manager
issuerRef:
name: letsencrypt-prod
kind: ClusterIssuer
commonName: veryown. # Only include the top-level domain in
dnsNames:
- veryown.in
- ‘.veryown.in’

create the token

create the token

kubectl create secret generic cloudflare-api-token-secret
–from-literal=api-token=<token>```

Unable to create certificates for wildcard domains

create the token

create the token

kubectl create secret generic cloudflare-api-token-secret
–from-literal=api-token=<token>```

Unable to create certificates for wildcard domains

Unable to create certificates for wildcard domains

Similar Threads

Similar Threads

Similar Threads