tencentcloud: fix InvalidParameter.DomainInvalid error when using DNS challenges #1616

Merged
merged 1 commit into from
Apr 3, 2022


charlie0129
Contributor

In #1527, there is a comment saying he encountered InvalidParameter.DomainInvalid when using DNS challenges with Tencent Cloud DNS.

This PR fixes that.

How:

Using an FQDN as `request.Domain` will cause problems with the Tencent SDK, and `InvalidParameter.DomainInvalid` will be returned.
UnFQDN-ing the domain name will solve it.

Formatting, linters, tests, and compiling have all passed.

A FQDN will cause problems with Tencent SDK.
`InvalidParameter.DomainInvalid` will be returned.
UnFQDN the domain name will do.
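
As an added illustration (not code from this PR or from lego), the following Go program shows the normalization the description refers to: the DNS-01 record name is absolute (trailing dot), while the provider request wants the zone without the trailing dot plus a record name relative to that zone. The `providerRecord` type, its field names, the `"@"` apex marker and the helper names are hypothetical; `unFQDN` is a local stand-in for the UnFQDN step.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// unFQDN drops the trailing root dot (local stand-in for the UnFQDN step).
func unFQDN(name string) string { return strings.TrimSuffix(name, ".") }

// challengeFQDN returns the absolute DNS-01 TXT record name for a certificate
// domain. A wildcard and its base domain share the same record name.
func challengeFQDN(domain string) string {
	return "_acme-challenge." + unFQDN(strings.TrimPrefix(domain, "*.")) + "."
}

// providerRecord is a hypothetical request shape, not the Tencent SDK type.
type providerRecord struct {
	Domain string // zone name, without trailing dot
	Name   string // record name relative to the zone ("@" assumed for the apex)
}

// splitRecord converts an absolute record name and its zone into the
// dot-free fields a provider API expects, rejecting names outside the zone.
func splitRecord(fqdn, zone string) (providerRecord, error) {
	f, z := strings.ToLower(unFQDN(fqdn)), strings.ToLower(unFQDN(zone))
	if z == "" {
		return providerRecord{}, errors.New("empty zone")
	}
	switch {
	case f == z:
		return providerRecord{Domain: z, Name: "@"}, nil
	case strings.HasSuffix(f, "."+z):
		return providerRecord{Domain: z, Name: strings.TrimSuffix(f, "."+z)}, nil
	}
	return providerRecord{}, fmt.Errorf("%q is not inside zone %q", fqdn, zone)
}

func main() {
	// Constructed sample domains; the zone is passed as an FQDN on purpose.
	for _, d := range []string{"*.example.com", "example.com", "www.example.com"} {
		rec, err := splitRecord(challengeFQDN(d), "example.com.")
		fmt.Printf("%-16s -> %+v err=%v\n", d, rec, err)
	}
}
```

The wildcard and the apex domain resolve to the same record name, so a run that requests both exercises two TXT values at one name.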
Member

ldez commented Apr 3, 2022

Hello,

are you able to do the following (and put the output of this command in a comment in your PR)?

```
rm -rf .lego

./lego -m your@email.com --dns tencentcloud -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run
```

Note that the wildcard domain is important.

You have to replace your@email.com and example.com with your information.

@ldez ldez changed the title Fix InvalidParameter.DomainInvalid error when using DNS challenges with Tencent Cloud DNS tencentcloud: fix InvalidParameter.DomainInvalid error when using DNS challenges Apr 3, 2022
Contributor Author

charlie0129 commented Apr 3, 2022

Sure! Here is the output (with my actual domain names and email censored).

Output

```
$ rm -rf .lego && ./lego -m myemail@qq.com --dns tencentcloud -d "*.mydomain.com" -d "mydomain.com" -s "https://acme-staging-v02.api.letsencrypt.org/directory" --dns.resolvers 119.29.29.29 run
2022/04/03 23:33:31 No key found for account myemail@qq.com. Generating a P256 key.
2022/04/03 23:33:31 Saved key to /Users/charlie/projects/temporary/lego/dist/.lego/accounts/acme-staging-v02.api.letsencrypt.org/myemail@qq.com/keys/myemail@qq.com.key
2022/04/03 23:33:32 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you accept the TOS? Y/n
Y
2022/04/03 23:33:43 [INFO] acme: Registering account for myemail@qq.com
!!!! HEADS UP !!!!

Your account credentials have been saved in your Let's Encrypt
configuration directory at "/Users/charlie/projects/temporary/lego/dist/.lego/accounts".

You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2022/04/03 23:33:44 [INFO] [*.mydomain.com, mydomain.com] acme: Obtaining bundled SAN certificate
2022/04/03 23:33:45 [INFO] [*.mydomain.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2081686778
2022/04/03 23:33:45 [INFO] [mydomain.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2081686788
2022/04/03 23:33:45 [INFO] [*.mydomain.com] acme: use dns-01 solver
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: Could not find solver for: tls-alpn-01
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: Could not find solver for: http-01
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: use dns-01 solver
2022/04/03 23:33:45 [INFO] [*.mydomain.com] acme: Preparing to solve DNS-01
2022/04/03 23:33:46 [INFO] [mydomain.com] acme: Preparing to solve DNS-01
2022/04/03 23:33:47 [INFO] [*.mydomain.com] acme: Trying to solve DNS-01
2022/04/03 23:33:47 [INFO] [*.mydomain.com] acme: Checking DNS record propagation using [119.29.29.29:53]
2022/04/03 23:33:49 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2022/04/03 23:33:49 [INFO] [*.mydomain.com] acme: Waiting for DNS record propagation.
2022/04/03 23:33:58 [INFO] [*.mydomain.com] The server validated our request
2022/04/03 23:33:58 [INFO] [mydomain.com] acme: Trying to solve DNS-01
2022/04/03 23:33:58 [INFO] [mydomain.com] acme: Checking DNS record propagation using [119.29.29.29:53]
2022/04/03 23:34:00 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2022/04/03 23:34:08 [INFO] [mydomain.com] The server validated our request
2022/04/03 23:34:08 [INFO] [*.mydomain.com] acme: Cleaning DNS-01 challenge
2022/04/03 23:34:10 [INFO] [mydomain.com] acme: Cleaning DNS-01 challenge
2022/04/03 23:34:11 [WARN] [mydomain.com] acme: cleaning up failed: tencentcloud: list records failed: [TencentCloudSDKError] Code=ResourceNotFound.NoDataOfRecord, Message=记录列表为空。, RequestId=2e1f1ae5-565b-4d96-862b-2c421c72006b
2022/04/03 23:34:11 [INFO] [*.mydomain.com, mydomain.com] acme: Validations succeeded; requesting certificates
2022/04/03 23:34:12 [INFO] [*.mydomain.com] Server responded with a certificate.
```

@ldez ldez added this to the v4.7 milestone Apr 3, 2022
Member

@ldez ldez left a comment


Thank you
