[BUG] Let’s Encrypt Plugin Fails to Obtain Correct Certificate for Root Domain in Bunkerweb 1.6.5 #2806
Description
What happened?
After upgrading from Bunkerweb 1.6.4 to 1.6.5, the Let’s Encrypt plugin no longer correctly handles a service that includes both root and non-root domains. Previously, using a non-root domain as primary allowed reuse of a wildcard certificate across all domains. In 1.6.5, when configuring a service with a root domain and a subdomain, the root domain always uses the default certificate (www.example.com) instead of requesting the proper wildcard certificate.
How to reproduce?
Observed Behavior
- Service 4 with both bis.mondomaine.com and mondomaine.com: bis.mondomaine.com works, mondomaine.com uses default certificate.
- Service 4 with mondomaine.com alone: no new certificate requested, still defaults to www.example.com.
- Splitting into Service 4 (bis.mondomaine.com) and Service 5 (mondomaine.com) still results in default certificate on root domain.
- Rolling back to 1.6.4 restores expected behavior.
Steps to Reproduce
- Upgrade from Bunkerweb 1.6.4 to 1.6.5.
- Configure a service including both a subdomain and the root domain with Let’s Encrypt.
- Check that the root domain serves the default certificate instead of the wildcard.
- Verify scheduler logs show no new certificate request nor errors.
Expected Behavior
The root domain should request and use the wildcard certificate as before in version 1.6.4.
Configuration file(s) (yaml or .env)
- Service 1: immich.mondomaine.com
- Service 2: nextcloud.mondomaine.com
- Service 3: ha.mondomaine.com
- Service 4: bis.mondomaine.com & mondomaine.com (including root domain)Relevant log output
BunkerWeb version
1.6.5
What integration are you using?
Linux
Linux distribution (if applicable)
Debian + MariaDB
Removed private data
- I have removed all private data from the configuration file and the logs
Code of Conduct
- I agree to follow this project's Code of Conduct