DNS challenge on Windows #289

Closed
FX8350 opened this issue May 26, 2022 · 2 comments

FX8350 commented May 26, 2022

Sorry for my poor English.

Hello,

I'm running Apache on Windows.

I have written a simple script using PowerShell for a DNS challenge.
When I run this script manually with arguments from the PowerShell terminal, the TXT records are added/removed correctly via the DNS API.

However, when I specify this script for MDChallengeDns01, I get errors.
Is it possible to specify a PowerShell script in MDChallengeDns01?

Apache config

```apache
MDCAChallenges dns-01
MDChallengeDns01 D:\bin\PowerShell-7.2.4-win-x64\pwsh.exe -File D:\bin\Apache24\md\dns.ps1
MDCertificateAuthority https://acme-staging-v02.api.letsencrypt.org/directory
MDCertificateAgreement accepted
<MDomain example.net>
    MDMember *.example.net
</MDomain>
<VirtualHost *:443>
    ServerName example.net
    DocumentRoot "${SRVROOT}/htdocs"
    SSLEngine on
    CustomLog "|bin/rotatelogs.exe logs/access_%y-%m-%d_443.log 86400 540" combined
</VirtualHost>
```

my script as dns.ps1

```powershell
Param (
    [parameter(Mandatory)]
    $Mode,
    [parameter(Mandatory)]
    $Domain,
    [parameter()]
    $Challenge
)

# Remove the leading "*." of a wildcard name
$Domain = $Domain -replace "^\*\.", ""

# Cloudflare API URI
$Api = "https://api.cloudflare.com/client/v4"

# Cloudflare API token and zone ID
$Token = "my_token"
$ZoneId = "my_zone_id"

# Set headers
$Headers = @{
    "Authorization" = "Bearer $Token"
}

if ($Mode -match "^setup$") {
    # Create the _acme-challenge TXT record
    $SetupUri = "$Api/zones/$ZoneId/dns_records/"
    $Body = (@{
        "type" = "TXT"
        "name" = "_acme-challenge.$Domain"
        "content" = $Challenge
    } | ConvertTo-Json)
    $Response = Invoke-RestMethod -Method Post -Uri $SetupUri -Body $Body -Headers $Headers -ContentType 'application/json'
} elseif ($Mode -match "^teardown$") {
    # Look up the ID of every matching TXT record, then delete each one
    # (the wildcard and the base name use the same _acme-challenge name)
    $TxtIdUri = "$Api/zones/$ZoneId/dns_records?name=_acme-challenge.$Domain&type=TXT"
    $Response = Invoke-RestMethod -Method Get -Uri $TxtIdUri -Headers $Headers -ContentType 'application/json'
    foreach ($TxtId in $Response.result.id) {
        $TeardownUri = "$Api/zones/$ZoneId/dns_records/$TxtId"
        $Deleted = Invoke-RestMethod -Method Delete -Uri $TeardownUri -Headers $Headers -ContentType 'application/json'
    }
}
```

error message

```
[Thu May 26 11:10:40.704723 2022] [md:warn] [pid 4984:tid 636] (OS 2)指定されたファイルが見つかりません。  : example.net: dns-01 setup command failed to execute for example.net
[Thu May 26 11:10:40.704723 2022] [md:error] [pid 4984:tid 636] (OS 2)指定されたファイルが見つかりません。  : md[example.net] while[Setting up challenge 'dns-01' for domain example.net] problem[challenge-setup-failure] detail[None of the offered challenge types example.net offered for domain http-01 dns-01 tls-alpn-01 could be setup successfully. Please check the log for errors.]
[Thu May 26 11:10:40.704723 2022] [md:error] [pid 4984:tid 636] (OS 2)指定されたファイルが見つかりません。  : AH10056: processing example.net: None of the offered challenge typesexample.net offered for domain http-01 dns-01 tls-alpn-01 could be setup successfully. Please check the log for errors.
```

指定されたファイルが見つかりません。 means The specified file could not be found.

I also tried the following batch file as run.bat

```
MDChallengeDns01 D:\bin\Apache24\md\run.bat
```

```
pwsh -File .\dns.ps1 %1 %2 %3
```

This will give different errors.

```
[Thu May 26 13:18:50.537822 2022] [md:error] [pid 9284:tid 608] (20014)Internal error (specific information not available): md[example.net] while[Setting up challenge 'dns-01' for domain example.net] problem[challenge-setup-failure] detail[None of the offered challenge types example.net offered for domain dns-01 could be setup successfully. Please check the log for errors.]
[Thu May 26 13:18:50.537822 2022] [md:error] [pid 9284:tid 608] (20014)Internal error (specific information not available): AH10056: processing example.net: None of the offered challenge types example.net offered for domain dns-01 could be setup successfully. Please check the log for errors.
```

icing (Owner) commented May 26, 2022

I am not familiar with PowerShell. There are two things necessary for the MDChallengeDns01 command to work:

  1. The file needs to be executable
  2. On success, it needs to return 0 as status code

Case 1 seems to fail for the PowerShell script, maybe case 2 happened to the .bat?

For other people using Apache on Windows, https://www.apachelounge.com is a good place to ask questions. Hope it helps.
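
The second requirement above (status 0 on success) also means a failed DNS API call should end with a non-zero status. As an added example, not the poster's script and not mod_md code, this PowerShell hook exits 0 only when the Cloudflare calls succeed and reads the token from the environment instead of the script file; the file name `dns-hook.ps1` and the variable names `CF_API_TOKEN` and `CF_ZONE_ID` are assumptions.

```powershell
# Added example (hypothetical dns-hook.ps1), not the poster's script or mod_md code.
# Called as: setup <domain> <challenge>   or   teardown <domain> [<challenge>]
Param (
    [Parameter(Mandatory)][ValidateSet('setup', 'teardown')][string]$Mode,
    [Parameter(Mandatory)][string]$Domain,
    [string]$Challenge
)

# Turn every failure into a terminating error so the catch block sets the exit status.
$ErrorActionPreference = 'Stop'

try {
    # Assumed variable names: set them for the account Apache runs as,
    # so the API token is not stored in the script file.
    $Token  = $env:CF_API_TOKEN
    $ZoneId = $env:CF_ZONE_ID
    if (-not $Token -or -not $ZoneId) { throw 'CF_API_TOKEN or CF_ZONE_ID is not set' }

    # Wildcard and base name both validate under the same _acme-challenge name.
    $Name    = '_acme-challenge.' + ($Domain -replace '^\*\.', '')
    $Records = "https://api.cloudflare.com/client/v4/zones/$ZoneId/dns_records"
    $Common  = @{ Headers = @{ Authorization = "Bearer $Token" }; ContentType = 'application/json' }

    if ($Mode -eq 'setup') {
        if (-not $Challenge) { throw 'setup requires a challenge value' }
        $Body = @{ type = 'TXT'; name = $Name; content = $Challenge } | ConvertTo-Json
        $null = Invoke-RestMethod @Common -Method Post -Uri $Records -Body $Body
    } else {
        $Found = (Invoke-RestMethod @Common -Method Get -Uri "${Records}?name=$Name&type=TXT").result
        # Several TXT records can share the name; if a challenge value was passed,
        # delete only the record that carries it.
        if ($Challenge) {
            $Found = $Found | Where-Object { "$($_.content)".Trim('"') -eq $Challenge }
        }
        foreach ($Record in $Found) {
            $null = Invoke-RestMethod @Common -Method Delete -Uri "$Records/$($Record.id)"
        }
    }
    exit 0   # success: the status code the caller expects
} catch {
    # Report on stderr and return non-zero so a failed API call is not taken for success.
    [Console]::Error.WriteLine("dns-01 ${Mode} failed for ${Domain}: $($_.Exception.Message)")
    exit 1
}
```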

FX8350 (Author) commented May 26, 2022

Thanks for your kind response.
I will ask my question there.

FX8350 closed this as completed May 26, 2022