dns-01 challenge is blowing up simp_le client #68
Comments
|
The problem is that the official client didn't check if the certificat need to be update or not. |
|
so as an update -- it seems simp_le + letsencrpyt trigger the dns-01 challenge only if the domain contains uppercase characters. E.g. the VIRTUAL_HOST is set to |
|
An alternative approach would be to normalize/lowercase the domain names in this container. @JrCs would you be open to a PR for this? or is this something that you believe should be handled upstream in simp_le? Thanks! |
|
No i can make a patch to transform domainname to lower case. |
|
It's also better if it is fix in simp_le client |
|
@JrCs apologies for the radio delay. I agree it's better to fix in simp_le as well -- esp. considering that nginx-proxy enables SSL based on a case-sensitve search for |
We've been running this container with success, and so far have been very happy with it. Thanks!
A couple a days ago we started seeing
Unhandled errorsoccuring in the logs. They are coming from the simp_le client when creating/renewing certificates. It appears that the simp_le client is receiving dns-01 challenges from letsencrypt. I imagine it previously received http-01 challenges (e.g..well-known/acme-challengeresponse urls) which worked fine.I'm not sure if it's our configuration or the simp_le client. We're trying to create a cert for the
aaa.qa-1.blueacorn.netdomain name. debugging shows InitialIP as66.49.116.181, which aaa.qa-1.blueacorn.net resolves to. Not sure why letsencrypt is sending the dns-01 challenge -- but perhaps it may make sense to move to official client if this goes unresolved?I've opened an issue on the simp_le project regarding this. kuba/simp_le#110
It contains full debug log. Please let me know if I can help (and/or try alternative clients).
The text was updated successfully, but these errors were encountered: