-
-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
certbot-dns-ovh fails with "Unexpected error determining zone identifier" when zone has a warning #9836
Comments
I assume this might be an issue with OVH. I also get the same exception:
|
Just in case this is helpful, I've queried the URL {
"errors": [],
"isDeployed": false,
"warnings": [
"zone [...] is a CNAME (illegal)",
"zone [...] is a CNAME (illegal)"
]
} I handled the warnings (which were visible in the UI but also present before I had the issue) and now it reports deployed as I don't know whether handling the warnings or doing anything in the zone changed the flag... |
Nice catch @xZise ! Fixing the zone warnings returned by |
This issue title is good and true. And according to me it's a problem. I always had warnings on my zone since I added SRV record that point to serveur DNS name on my LAN. Example: xmpp service for my company.fr point to xmpp.mycompany.lan. As OVH has no clue of the .lan zone, it considers this record as wrong, but it works really well. All my internal xmpp client (Thunderbird) redirect my user whose email addresses ends with @mycompany.fr to the right internal server. I should set an internal DNS proxy server to handle it right, but the one embedded in my router is just a kind of dnsmasq and it doesn't allow SRV records. Reason why I ended with this solution, that works well. But doing this I lose the renewal by certbot-dns-ovh. I looked at the code and didn't see any option to bypass this "is deployed" test. Would be great for me and maybe more. Regards, |
Hello, Same error for me. Same log files too... Nothing to fix this ? Thank you |
Also had the same issue. Deleting the record giving me a warning fixed the problem but now I don't have gmail verification on that domain which is annoying. I think this would be better fixed upstream in the Somebody has already made an issue in the lexicon repository here so hopefully it gets fixed upstream and we won't have an issue. |
My operating system is :
I installed Certbot with (snap, OS package manager, pip, certbot-auto, etc):
I ran this command and it produced this output:
The text was updated successfully, but these errors were encountered: