Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check multiple nameservers for self check validation if self check status not 200 #6707

Open
todeb opened this issue Feb 1, 2024 · 2 comments
Open

Check multiple nameservers for self check validation if self check status not 200 #6707

todeb opened this issue Feb 1, 2024 · 2 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.

Comments

@todeb
Copy link

todeb commented Feb 1, 2024

Is your feature request related to a problem? Please describe.
I have different records for domain.com in public and internal DNS server, I can define them both with:
--acme-http01-solver-nameservers="10.1.1.1:53,8.8.8.8:53,"
If status of self check gives 5xx/4xx code on private IP, I would like that self check will also be performed checking 2nd IP defined in 2nd nameserver without a delay.
Now as I understand it only query first DNS server. And if IP is resolved that only checking challenge using that IP.

Describe the solution you'd like
check first DNS in http challenge not only for resolution of IP but also for self check status. If it is not 200, perform check with 2nd DNS immediately.
Or another flag can be set for additional not default DNS, like:
--acme-http01-solver-add-nameservers=

So if flag is defined, do a retry of self check using add-nameservers.

/kind feature
@jetstack-bot jetstack-bot added the kind/feature Categorizes issue or PR as related to a new feature. label Feb 1, 2024
@cert-manager-bot
Copy link
Contributor

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
/lifecycle stale

@cert-manager-prow cert-manager-prow bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 1, 2024
@cert-manager-bot
Copy link
Contributor

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close.
/lifecycle rotten
/remove-lifecycle stale

@cert-manager-prow cert-manager-prow bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels May 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jetstack-bot @todeb @cert-manager-bot