DNS.yml throw timeout errors but API is accassable and the provider don't see any requests.

[Marco4223]

Hi,
hope some one can help me out. I'm trying to fix an Issue in the dns_kas.sh script and all is fine when I run this on my NAS. Marco4223/acme.sh -> dns_kas.sh
But when I push this to my repo and the DNS.yml is checking my changes the Docker part failed with a mysteries error message:

Debug log

2022-07-31T22:12:30.7366778Z [Sun Jul 31 22:07:29 UTC 2022] _postContentType='text/xml'
2022-07-31T22:12:30.7367185Z [Sun Jul 31 22:07:29 UTC 2022] Http already initialized.
2022-07-31T22:12:30.7367805Z [Sun Jul 31 22:07:29 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L '
2022-07-31T22:12:30.7368540Z [Sun Jul 31 22:12:29 UTC 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28
2022-07-31T22:12:30.7369084Z [Sun Jul 31 22:12:29 UTC 2022] _ret='28'
2022-07-31T22:12:30.7369438Z [Sun Jul 31 22:12:29 UTC 2022] Response
2022-07-31T22:12:30.7369765Z [Sun Jul 31 22:12:29 UTC 2022] Response
2022-07-31T22:12:30.7370167Z [Sun Jul 31 22:12:29 UTC 2022] An unkown error occurred, please check manually.
2022-07-31T22:12:30.7370805Z [Sun Jul 31 22:12:29 UTC 2022] Error add txt for domain:_acme-challenge.***
2022-07-31T22:12:30.7371207Z [Sun Jul 31 22:12:29 UTC 2022] _on_issue_err
2022-07-31T22:12:30.7371623Z [Sun Jul 31 22:12:29 UTC 2022] Please check log file for more details: le_test_dnsapi.log

mysteries because of the previews requests are working fine:

2022-07-31T22:12:30.7264904Z [Sun Jul 31 22:07:17 UTC 2022] _postContentType='text/xml'
2022-07-31T22:12:30.7265378Z [Sun Jul 31 22:07:17 UTC 2022] Http already initialized.
2022-07-31T22:12:30.7265997Z [Sun Jul 31 22:07:17 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L '
2022-07-31T22:12:30.7266513Z [Sun Jul 31 22:07:18 UTC 2022] _ret='0'
2022-07-31T22:12:30.7267054Z [Sun Jul 31 22:07:18 UTC 2022] Response='
2022-07-31T22:12:30.7291301Z <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.....

Int that response the Flooting Delay (Time before I can go for another request in sec) is 0.5
KasFloodDelay0.5
and I'm waiting 10 sec. So that could not be the problem.

error code: 28 ->
CURLE_OPERATION_TIMEDOUT (28)
Operation timeout. The specified time-out period was reached according to the conditions.

Maybe someone had the same issue with the checks?
Cheers
MarcO

[github-actions]

Please provode the log with --debug 2 if this is a bug report.

[Marco4223]

Please provode the log with --debug 2 if this is a bug report.

Howto do this in here?

[Marco4223]

So after rerunning the action multiple times I got multiple errors on diffrent positions. Feels like that the DNS.yml is not working stable. Is there a way to have more details in the logs?

[Marco4223]

@Neilpang can you please have a look.
Its confirmed by other user that the sktipt is working but your test failed. :(
Its also running on my NAS and PFSense but the DNS.yml failed by this timeout on randomly requests.

[Neilpang]

You can define env variable DEBUG=2, it equals to --debug 2

[Neilpang]

I just made change for you. you can define a secrets "DEBUG=2" in your repo.

[Marco4223]

Hi @Neilpang
now I made the change and get this information back:

'2022-08-03T13:57:05.0642003Z [Wed Aug 3 13:5***:04 UTC 0] POST'
'2022-08-03T13:57:05.0642596Z [Wed Aug 3 13:5***:04 UTC 0] _post_url='https://kasapi.kasserver.com/soap/KasApi.php''
'2022-08-03T13:57:05.0644795Z [Wed Aug 3 13:5***:04 UTC 0] body='<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="urn:xmethodsKasApi" xmlns:xsd="http://www.w3.org/***001/XMLSchema" xmlns:xsi="http://www.w3.org/***001/XMLSchema-instance" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">SOAP-ENV:Bodyns1:KasApi{"kas_login":"","kas_auth_type":"session","kas_auth_data":"c6fcfd930d17a8e314c54064cbc5c86fed5c4f","kas_action":"add_dns_settings","KasRequestParams":{"record_name":"acmetestXyzRandomName","record_type":"TXT","record_data":"acmeTestTxtRecord","record_aux":"0","zone_host":"."}}</ns1:KasApi></SOAP-ENV:Body></SOAP-ENV:Envelope>''
'2022-08-03T13:57:05.0646235Z [Wed Aug 3 13:5***:04 UTC 0] _postContentType='text/xml''
'2022-08-03T13:57:05.0647175Z [Wed Aug 3 13:5***:04 UTC 0] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --trace-ascii /tmp/tmp.dj9mUgrVtO ''
'2022-08-03T13:57:05.0647953Z [Wed Aug 3 13:57:05 UTC 0] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 8'
'2022-08-03T13:57:05.0648469Z [Wed Aug 3 13:57:05 UTC 0] Here is the curl dump log:'
'2022-08-03T13:57:05.0648867Z [Wed Aug 3 13:57:05 UTC 0] == Info: Trying 85.13.18.6:443...'
'2022-08-03T13:57:05.0649313Z == Info: Connected to kasapi.kasserver.com (85.13.18.6) port 443 (#0)'
'2022-08-03T13:57:05.0649691Z == Info: ALPN, offering h'
'2022-08-03T13:57:05.0650012Z == Info: ALPN, offering http/1.1'
'2022-08-03T13:57:05.0650594Z == Info: CAfile: /etc/ssl/certs/ca-certificates.crt'
'2022-08-03T13:57:05.0650939Z == Info: CApath: /etc/ssl/certs'
'2022-08-03T13:57:05.0651947Z == Info: TLSv1.0 (OUT), TLS header, Certificate Status ():'
'2022-08-03T13:57:05.0652342Z => Send SSL data, 5 bytes (0x5)'
'2022-08-03T13:57:05.0652634Z 0000: .....'
'2022-08-03T13:57:05.0653095Z == Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):'
'2022-08-03T13:57:05.0653484Z => Send SSL data, 51 bytes (0x00)'
'2022-08-03T13:57:05.0654188Z 0000: ......K-.<........a(HI>.%K.....r.....` ........e.......">c..wEWx'
'2022-08-03T13:57:05.0654788Z 0040: ...^....>.......,.0.........+./...$.(.k.#.'.g.....9.....3.....=.'
'2022-08-03T13:57:05.0655181Z 0080: <.5./.....u.........kasapi.kasserver.com........................'
'2022-08-03T13:57:05.0655611Z 00c0: ..........3t.........h.http/1.1.........1.....*.(..............'
'2022-08-03T13:57:05.0656062Z 0100: ...........................+........-.....3.&.$... .........~..k'
'2022-08-03T13:57:05.0656494Z 0140: T7../..?.-!..{....S.............................................'
'2022-08-03T13:57:05.0656854Z 0180: ................................................................'
'2022-08-03T13:57:05.0657301Z 01c0: ................................................................'
'2022-08-03T13:57:05.0657770Z == Info: SSL connection timeout'
'2022-08-03T13:57:05.0658107Z == Info: Closing connection 0'
'2022-08-03T13:57:05.0658520Z [Wed Aug 3 13:57:05 UTC 0] _ret='***8''
'2022-08-03T13:57:05.0658850Z [Wed Aug 3 13:57:05 UTC 0] Response'
'2022-08-03T13:57:05.0659182Z [Wed Aug 3 13:57:05 UTC 0] Response'
'2022-08-03T13:57:05.0659574Z [Wed Aug 3 13:57:05 UTC 0] An unkown error occurred, please check manually.'
'2022-08-03T13:57:05.0659923Z Run Failed'

Can you help what this mean? Colud this be a Git issue?
Cheers
Marco

[Neilpang]

timeout seems like a temp error from the api server.

re-run your tests again.

[Marco4223]

I did this now three times and yesterday around 20 times. I also tried HTTPS_INSECURE=1 but nothing helps. I randomly get the timeout. :(

[Neilpang]

it must be something wrong from the CA server.
please contact their support, or just add more sleep in your script.
hope it will work.

[Marco4223]

Hi @Neilpang ,
I had already contract worth the support and they advise to use retry. (I had already tested sleep 60 and it doesn’t help)
So I implemented this to the acme.sh and dns_kas.sh but now DNS.yml run for 6 hour with only success messages and after that time I can see that there ist a cancel message. I have no clue how to proceed.

[Marco4223]

HI @Neilpang ,
there schould be a problem with the connection between github and all-inkl....I tried to implement retry and connection-timeout properties for the curl call and sometime it looks better and sometimeits not.
Here is a schort log af mine:
'2022-08-12T09:01:52.6908034Z [Fri Aug 12 08:54:56 UTC 2022] txtdomain='_acme-challenge.''
'2022-08-12T09:01:52.6911190Z [Fri Aug 12 08:54:56 UTC 2022] txt='iTz_lDEetkwjL6H7nKv33wpvYfb49WqHnq-ikLJJXVQ''
'2022-08-12T09:01:52.6911910Z [Fri Aug 12 08:54:56 UTC 2022] d_api='/root/.acme.sh/dnsapi/.sh''
'2022-08-12T09:01:52.6912338Z [Fri Aug 12 08:54:56 UTC 2022] Found domain api file: /root/.acme.sh/dnsapi/.sh'
'2022-08-12T09:01:52.6913036Z [Fri Aug 12 08:54:56 UTC 2022] Adding txt value: iTz_lDEetkwjL6H7nKv33wpvYfb49WqHnq-ikLJJXVQ for domain: _acme-challenge.'
'2022-08-12T09:01:52.6913646Z [Fri Aug 12 08:54:56 UTC 2022] ### -> Using DNS-01 All-inkl/Kasserver hook'
'2022-08-12T09:01:52.6914237Z [Fri Aug 12 08:54:56 UTC 2022] ### -> Adding _acme-challenge.*** DNS TXT entry on All-inkl/Kasserver'
'2022-08-12T09:01:52.6914756Z [Fri Aug 12 08:54:56 UTC 2022] ### -> Retriving Credential Token'
'2022-08-12T09:01:52.6915177Z [Fri Aug 12 08:54:56 UTC 2022] Be frindly and wait 10 seconds by default before calling KAS API.'
'2022-08-12T09:01:52.6915551Z [Fri Aug 12 08:55:06 UTC 2022] POST'
'2022-08-12T09:01:52.6916060Z [Fri Aug 12 08:55:06 UTC 2022] _post_url='https://kasapi.kasserver.com/soap/KasAuth.php''
'2022-08-12T09:01:52.6916739Z [Fri Aug 12 08:55:06 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --retry 5 --connect-timeout 3 ''
'2022-08-12T09:01:52.6917428Z [Fri Aug 12 08:55:56 UTC 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28'
'2022-08-12T09:01:52.6917900Z [Fri Aug 12 08:55:56 UTC 2022] _ret='28''
'2022-08-12T09:01:52.6918294Z [Fri Aug 12 08:55:56 UTC 2022] Credential Token: =' ''
'2022-08-12T09:01:52.6918729Z [Fri Aug 12 08:55:56 UTC 2022] ### -> Check and Save Props'
'2022-08-12T09:01:52.6919172Z [Fri Aug 12 08:55:57 UTC 2022] ### -> Checking Zone and Record_Name'
'2022-08-12T09:01:52.6919595Z [Fri Aug 12 08:55:57 UTC 2022] Be frindly and wait 10 seconds by default before calling KAS API.'
'2022-08-12T09:01:52.6919976Z [Fri Aug 12 08:56:07 UTC 2022] POST'
'2022-08-12T09:01:52.6920462Z [Fri Aug 12 08:56:07 UTC 2022] _post_url='https://kasapi.kasserver.com/soap/KasApi.php''
'2022-08-12T09:01:52.6921116Z [Fri Aug 12 08:56:07 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --retry 5 --connect-timeout 3 ''
'2022-08-12T09:01:52.6921597Z [Fri Aug 12 08:56:19 UTC 2022] _ret='0''
'2022-08-12T09:01:52.6921899Z [Fri Aug 12 08:56:19 UTC 2022] GET'
'2022-08-12T09:01:52.6922313Z [Fri Aug 12 08:56:19 UTC 2022] url='https://all-inkl.com/ip/''
'2022-08-12T09:01:52.6922650Z [Fri Aug 12 08:56:19 UTC 2022] timeout='
'2022-08-12T09:01:52.6923149Z [Fri Aug 12 08:56:19 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L ''
'2022-08-12T09:01:52.6923599Z [Fri Aug 12 08:56:24 UTC 2022] ret='0''
'2022-08-12T09:01:52.6924147Z [Fri Aug 12 08:56:24 UTC 2022] MyIP: ='40.113.242.204''
'2022-08-12T09:01:52.6924622Z [Fri Aug 12 08:56:24 UTC 2022] Zone:='_acme-challenge..''
'2022-08-12T09:01:52.6925133Z [Fri Aug 12 08:56:24 UTC 2022] Domain:='_acme-challenge.''
'2022-08-12T09:01:52.6925472Z [Fri Aug 12 08:56:24 UTC 2022] Record_Name:'
'2022-08-12T09:01:52.6925915Z [Fri Aug 12 08:56:24 UTC 2022] ### -> Checking for existing Record entries'
'2022-08-12T09:01:52.6926362Z [Fri Aug 12 08:56:24 UTC 2022] Be frindly and wait 10 seconds by default before calling KAS API.'
'2022-08-12T09:01:52.6926730Z [Fri Aug 12 08:56:34 UTC 2022] POST'
'2022-08-12T09:01:52.6927217Z [Fri Aug 12 08:56:34 UTC 2022] _post_url='https://kasapi.kasserver.com/soap/KasApi.php''
'2022-08-12T09:01:52.6927883Z [Fri Aug 12 08:56:34 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --retry 5 --connect-timeout 3 ''
'2022-08-12T09:01:52.6928372Z [Fri Aug 12 08:56:35 UTC 2022] _ret='0''
'2022-08-12T09:01:52.6928658Z [Fri Aug 12 08:56:35 UTC 2022] GET'
'2022-08-12T09:01:52.6929075Z [Fri Aug 12 08:56:35 UTC 2022] url='https://all-inkl.com/ip/''
'2022-08-12T09:01:52.6929405Z [Fri Aug 12 08:56:35 UTC 2022] timeout='
'2022-08-12T09:01:52.6929994Z [Fri Aug 12 08:56:35 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L ''
'2022-08-12T09:01:52.6930434Z [Fri Aug 12 08:56:40 UTC 2022] ret='0''
'2022-08-12T09:01:52.6930825Z [Fri Aug 12 08:56:40 UTC 2022] MyIP: ='40.113.242.204''
'2022-08-12T09:01:52.6931142Z [Fri Aug 12 08:56:40 UTC 2022] Record Id: '
'2022-08-12T09:01:52.6931474Z [Fri Aug 12 08:56:40 UTC 2022] No record found.'
'2022-08-12T09:01:52.6931889Z [Fri Aug 12 08:56:40 UTC 2022] ### -> Creating TXT DNS record'
'2022-08-12T09:01:52.6932297Z [Fri Aug 12 08:56:40 UTC 2022] Be frindly and wait 10 seconds by default before calling KAS API.'
'2022-08-12T09:01:52.6932682Z [Fri Aug 12 08:56:50 UTC 2022] POST'
'2022-08-12T09:01:52.6933166Z [Fri Aug 12 08:56:50 UTC 2022] _post_url='https://kasapi.kasserver.com/soap/KasApi.php''
'2022-08-12T09:01:52.6933825Z [Fri Aug 12 08:56:50 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L --retry 5 --connect-timeout 3 ''
'2022-08-12T09:01:52.6934306Z [Fri Aug 12 08:56:51 UTC 2022] _ret='0''
'2022-08-12T09:01:52.6934611Z [Fri Aug 12 08:56:51 UTC 2022] GET'
'2022-08-12T09:01:52.6935027Z [Fri Aug 12 08:56:51 UTC 2022] url='https://all-inkl.com/ip/''
'2022-08-12T09:01:52.6935357Z [Fri Aug 12 08:56:51 UTC 2022] timeout='
'2022-08-12T09:01:52.6935854Z [Fri Aug 12 08:56:51 UTC 2022] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L ''
'2022-08-12T09:01:52.6936506Z [Fri Aug 12 09:01:52 UTC 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 28'
'2022-08-12T09:01:52.6936978Z [Fri Aug 12 09:01:52 UTC 2022] ret='28''
'2022-08-12T09:01:52.6938886Z [Fri Aug 12 09:01:52 UTC 2022] MyIP: =' ''
'2022-08-12T09:01:52.6939282Z [Fri Aug 12 09:01:52 UTC 2022] An unkown error occurred, please check manually.'
'2022-08-12T09:01:52.6939860Z [Fri Aug 12 09:01:52 UTC 2022] Error add txt for domain:_acme-challenge.***'
'2022-08-12T09:01:52.6940235Z [Fri Aug 12 09:01:52 UTC 2022] _on_issue_err'

In the last log entry you can see that curl isn't able to call the "https://all-inkl.com/ip/" Page.

So currently we are not able to pass your DNS.yml and all-inkl is not able to see any problems on there side.
Is it possible that one of our PR ( Fix and Upgrade KAS API Call. #4222 or Fix for (broken) KASAPI by all-inkl.com #4219 ) can find there way to the master without the DNS.yml? If not we need to exclude dns_kas.sh from the project and skip the support for it.
Cheers
MarcO

[Neilpang]

which one is necessary to be merged? 4222 or 4219? or both ?

[Marco4223]

Only one of them is needed.
This ist mine -> Fix and Upgrade KAS API Call. #4222

But you can also choose Fix for (broken) KASAPI by all-inkl.com #4219

…but just one is needed.