-
Notifications
You must be signed in to change notification settings - Fork 620
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
security/acme-client: DNS Validation with DuckDNS #2060
Comments
This seems to be correct. But the However, it does not seem to work for all users, there is an upstream report for this issue: acmesh-official/acme.sh#2933. |
ahh ok, thanks, now I know what the DNS Alias Mode is for. |
Hey @chiwou could you give me a pointer as to which settings you used for the DNS Alias Mode, I'm having the same issue you did. Thanks! |
@RafhaanShah yeah sure, I assume you've your API token Common Name: yourdomain.duckdns.org I think you can even use a wildcard |
i still run into this issue after setting domain alias. The logs still show "_acme-challenge." as domain prefix. maybe its related to #2128? |
DuckDNS doesn't allow subdomains, looked through the acmesh-official hub, and could find the info in the matching script.
https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_duckdns.sh
The OPNSENSE plugin tries to update the subdomain _acme-challenge.domain.duckdns.org
If I try the update manually the TXT record I get an "KO", but if I remove the subdomain "_acme-challenge" from the request I get an "OK"
os-acme-client (installed) | 1.36 | 392KiB | Let's Encrypt client
LOG - from bottom to top (removed token and txt record)
The text was updated successfully, but these errors were encountered: