Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add AAAA records for autodiscover & autoconfig #1606

Merged
merged 1 commit into from Jul 10, 2019

Conversation

Projects
None yet
3 participants
@jvolkenant
Copy link
Contributor

commented Jul 9, 2019

In researching autodiscover for Exchange and autoconfig for Thunderbird. There were only ever references to A record lookups in the specs. I found this post in the forums that referenced issues getting ssl certs because the AAAA records were missing for autodiscover.* and autoconfig.*.

It appears that certbot may have issues with not having both ipv6 & ipv4 addresses for a domain. (perhaps it globs all of the dns records for domains it intends to get on the same cert?). PR adds AAAA records if host has an IPV6 address.

I was not using ipv6 until today. I tested the PR, it adds the AAAA dns entries. I deleted my autoconfig certs and was able to re-issue certs for them. grep "GET /.well-known/acme-challenge" /var/log/nginx/access.log confirms ipv6 was used to verify the http-01 challenge.

@JoshData JoshData merged commit fd5b118 into mail-in-a-box:master Jul 10, 2019

@JoshData

This comment has been minimized.

Copy link
Member

commented Jul 10, 2019

Nice.

@stephenreda

This comment has been minimized.

Copy link

commented Jul 10, 2019

@JoshData Will this fix the issue with the new autodiscover AAAA records (introduced in v42) not being set automatically? I 'upgraded' back to .41 but these records are still showing as not being set.

@JoshData

This comment has been minimized.

Copy link
Member

commented Jul 12, 2019

I think so!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.