The issue is that you only generate the certificate for www.gamegorilla.net
and not gamegorilla.net
if you select all binding identifiers instead of supplying the search pattern I think it should work.
To also get certificates for other names that are not hosted by IIS you cannot use the import from IIS function. You need to supply them all, starting with the common name.
After starting wacs
select M
for a new request and select option 2
for manual input. After that enter the comma separated list with the common name first: gamegorilla.net,www.gamegorilla.net,smtp.gamegorilla.net,karo-elektrogroothandel.nl,www.karo-elektrogroothandel.nl,smtpkaro-elektrogroothandel.nl
(without any spaces). Or when you want to generate a wildcard certificate you can use: gamegorilla.net,*.gamegorilla.net,karo-elektrogroothandel.nl,*.karo-elektrogroothandel.nl
.
Please be aware that for generating wildcard certificates you need to be able to use the DNS-01
challenge. The HTTP-01
challange doesn’t support wildcard certificates.
For the certificate renewal you should run wacs --renew
from time to time (for example via a schedules task).
2
solved Supply Let’s Encrypt certificate chain to the client on IIS