New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DNS lookup may fail if response has differing case #1112
Comments
I am having same issue: |
@billzhong: does your domain also have uppercase characters in it when you run nslookup? It would help us debug if you'd post the actual name of your domain. Thanks! |
I'm also having the same issue:
However, I can resolve the host name without issues on any DNS server:
|
We use unbound for DNS, which uses query capitalization to add additional bits of query entropy, improving resistance to DNS spoofing. That is often the cause of issues like this one, where we fail to resolve a name that resolves with dig. However, I checked radius.canall.com.br, and it appears to copy over the capitalization, so that's not the issue. I will continue to think about this. Thanks for reporting! |
While you check on this, is there a workaround that would allow me to get this certificate? |
At https://community.letsencrypt.org/t/the-server-could-not-resolve-a-domain-name/3142/4, mf_bin reports getting
unknownHost :: The server could not resolve a domain name :: No IPv4 addresses found for www.leinwand-bilder.com
.They note that the response for that domain is capitalized:
It's possible that our DNS code doesn't handle responses whose case doesn't match the case of the question. I can reproduce the issue locally: my Boulder instance gives the same error for that domain if I point Boulder at real DNS instead of the local test DNS.
The text was updated successfully, but these errors were encountered: