申请证书DNS匹配异常

[692568516]

当前版本3.0.8，之前一直正常，最近不知道为什么异常

1、一个顶级域名下申请两个泛域名证书，如果先申请*.monitor.baidu.com 就会导致第二步申请的*.baidu.com 证书错误，dns变为DNS:baidu.com,DNS:monitor.baidu.com

2、如果先申请*.baidu.com 然后在申请*.monitor.baidu.com 就没问题

./acme.sh --issue --dns dns_dp -d monitor.baidu.com -d .monitor.baidu.com --force --keylength 4096
[Fri Dec 20 14:32:16 CST 2024] The domain key is here: /root/.acme.sh/monitor.baidu.com/monitor.baidu.com.key
[Fri Dec 20 14:32:16 CST 2024] Multi domain='DNS:monitor.baidu.com,DNS:.monitor.baidu.com'

./acme.sh --issue --dns dns_dp -d baidu.com -d *.baidu.com --force --server letsencrypt --keylength 4096
[Fri Dec 20 14:32:43 CST 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Fri Dec 20 14:32:43 CST 2024] Creating domain key
[Fri Dec 20 14:32:44 CST 2024] The domain key is here: /root/.acme.sh/baidu.com/baidu.com.key
[Fri Dec 20 14:32:44 CST 2024] Multi domain='DNS:baidu.com,DNS:monitor.baidu.com'

3、而如果在前面增加转义则正常
./acme.sh --issue --dns dns_dp -d baidu.com -d *.baidu.com --force --keylength 4096
[Fri Dec 20 14:34:40 CST 2024] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Fri Dec 20 14:34:40 CST 2024] Multi domain='DNS:baidu.com,DNS:.baidu.com'
[Fri Dec 20 14:34:40 CST 2024] Getting domain auth token for each domain
[Fri Dec 20 14:34:44 CST 2024] Getting webroot for domain='baidu.com'
[Fri Dec 20 14:34:44 CST 2024] Getting webroot for domain='*.baidu.com'

[github-actions]

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

[692568516]

如果在泛域名的※前面增加转义符则会正常

[692568516]

更新到最新版本也是一样的情况，和#4507 一样，bash下执行会有改问题，zsh下正常

[Neilpang]

使用 单引号 包裹域名

[Neilpang]