Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DNS alias mode failing when checking DNS records #4860

Open
pingram3541 opened this issue Nov 7, 2023 · 1 comment
Open

DNS alias mode failing when checking DNS records #4860

pingram3541 opened this issue Nov 7, 2023 · 1 comment

Comments

@pingram3541
Copy link

Steps to reproduce

  1. Setup DNS @ target domain per instructions -> https://github.com/acmesh-official/acme.sh/wiki/DNS-alias-mode#1-first-set-domain-cname
    site1.com DNS settings, new CNAM record as follows:
_acme-challenge.site1.com
   => _acme-challenge.site2.com

Screen Shot 2023-11-06 at 5 56 56 PM

  1. Setup DNS at Alias domain per instructions acme.sh suggests when TXT record is missing:
    site2.com DNS settings, new TXT record as follows:
_acme-challenge.site1.com
   => q2hJ9XxxxxxxxxxihC1fCVCRfNF5X1yWOTc

*TXT record cannot be empty, so I used a random string
Screen Shot 2023-11-06 at 5 58 07 PM

  1. Run command at site1.com:
acme.sh --issue \
    -d site1.com --challenge-alias site2.com --dns dns_cf -w $HOME/public_html/site1.com

Debug log

acme.sh --upgrade
[Mon Nov  6 20:51:46 EST 2023] Already uptodate!
[Mon Nov  6 20:51:46 EST 2023] Upgrade success!

acme.sh --issue \
>   -d site1.com --challenge-alias site2.com --dns dns_cf -w $HOME/public_html/site1.com
[Mon Nov  6 20:52:27 EST 2023] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Nov  6 20:52:27 EST 2023] Single domain='site1.com'
[Mon Nov  6 20:52:27 EST 2023] Getting domain auth token for each domain
[Mon Nov  6 20:52:29 EST 2023] Getting webroot for domain='site1.com'
[Mon Nov  6 20:52:29 EST 2023] Adding txt value: q2hJ9XxxxxxxxxxihC1fCVCRfNF5X1yWOTc for domain:  _acme-challenge.site2.com

[Mon Nov  6 20:52:30 EST 2023] Adding record
[Mon Nov  6 20:52:31 EST 2023] Added, OK
[Mon Nov  6 20:52:31 EST 2023] The txt record is added: Success.

[Mon Nov  6 20:52:31 EST 2023] Let's check each DNS record now. Sleep 20 seconds first.
[Mon Nov  6 20:52:52 EST 2023] You can use '--dnssleep' to disable public dns checks.
[Mon Nov  6 20:52:52 EST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Mon Nov  6 20:52:52 EST 2023] Checking site1.com for _acme-challenge.site2.com
[Mon Nov  6 20:52:53 EST 2023] Not valid yet, let's wait 10 seconds and check next one.

[Mon Nov  6 20:53:06 EST 2023] Let's wait 10 seconds and check again.
[Mon Nov  6 20:53:17 EST 2023] You can use '--dnssleep' to disable public dns checks.
[Mon Nov  6 20:53:17 EST 2023] See: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
[Mon Nov  6 20:53:17 EST 2023] Checking site1.com for _acme-challenge.site2.com
[Mon Nov  6 20:53:17 EST 2023] Not valid yet, let's wait 10 seconds and check next one.

[Mon Nov  6 20:53:30 EST 2023] Let's wait 10 seconds and check again.
...rinse/repeat
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 7, 2023

Please upgrade to the latest code and try again first. Maybe it's already fixed. acme.sh --upgrade If it's still not working, please provide the log with --debug 2, otherwise, nobody can help you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pingram3541