CNAME confusion

I have licensed versions of both the app and DNS for a single server.

On the IIS default site, I have two domains, both with wildcard variants, i.e. *.d1.net, d1.net, *.d2.net, d2.net

Now, I previously had generated a cert for d1.net and done the CNAME for that, but then deleted that cert when testing and so generated a new cert and removed the old CNAME record in D1’s DNS…

So, now I have no CNAME records in either d1 or d2’s DNS; however, I can still renew the certs! I know this will almost certainly fail automatic renewal when the challenge changes in 90 days…

So, how can I force the need for the CNAME records for d1 & d2 using the app (or whatever) so I can recreate the necessary entries?

Thanks

Hi Nick,

I’ve responded to your support tickets, but yes, Let’s Encrypt will cache validations and not give you the opportunity to test them again for 30 days.

Try not to delete working managed certificates and instead modify them if you need to add domains etc., as CNAME delegation in particular can get quite confusing with cached validations.

As discussed in the ticket, you will find your CNAME details in the respective Certify DNS registration JSON files under C:\ProgramData\certify\certifydns\
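
A way to check whether the CNAME delegation is actually in place while Let’s Encrypt is still serving cached validations, as an added example that is not part of the original posts and not Certify's own code. It assumes the standard ACME DNS-01 record name `_acme-challenge.<domain>`; the function names are hypothetical, and any expected target has to be copied by hand from the registration files mentioned above.

```powershell
# Added example: function names are hypothetical, not part of Certify The Web.

function Get-AcmeChallengeName {
    param([Parameter(Mandatory)][string]$Identifier)
    # A wildcard and its apex share one challenge record:
    # *.d1.net and d1.net are both validated at _acme-challenge.d1.net
    '_acme-challenge.' + ($Identifier -replace '^\*\.', '')
}

function Test-AcmeCnameDelegation {
    param(
        [Parameter(Mandatory)][string[]]$Identifier,
        # Optional map: challenge name -> CNAME target copied from the
        # registration file for that domain (assumption: supplied by the operator).
        [hashtable]$ExpectedTarget = @{}
    )
    $names = $Identifier | ForEach-Object { Get-AcmeChallengeName $_ } | Sort-Object -Unique
    foreach ($name in $names) {
        # Query public DNS directly; a cached CA authorization does not affect this.
        $cname = Resolve-DnsName -Name $name -Type CNAME -DnsOnly -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'CNAME' } |
            Select-Object -First 1

        $status = 'Present'
        if (-not $cname) {
            $status = 'MissingCname'      # renewal will fail once the cached validation expires
        }
        elseif ($ExpectedTarget.ContainsKey($name) -and
                $cname.NameHost.TrimEnd('.') -ne $ExpectedTarget[$name].TrimEnd('.')) {
            $status = 'WrongTarget'       # record exists but points at a stale registration
        }

        [pscustomobject]@{
            ChallengeName = $name
            Target        = $cname.NameHost
            Status        = $status
        }
    }
}

# The four identifiers from the question collapse to two challenge records.
Test-AcmeCnameDelegation -Identifier '*.d1.net', 'd1.net', '*.d2.net', 'd2.net'
```

A `MissingCname` result for a domain that still renews successfully matches the situation described in the question: the renewal is riding on a cached validation rather than on a live DNS record.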