Netgate Discussion Forum

    Pfsense + acme plugin + route53 (dynamic dns) fails

      codensnap

      Problem-
      Unable to issue/renew the certificate with pfSense + acme plugin + route53 (dynamic dns).

      My domain is:
      dragon.vkgh.org

      I verified Dynamic DNS with AWS works properly with the same user credentials. I followed steps here-
      https://www.ceos3c.com/cloud/aws-with-pfsense-part-2-route53-dyndns-with-pfsense/

      For Let's Encrypt + AWS + pfSense, I followed -
      https://medium.com/@davidtstrauss/using-lets-encrypt-with-pfsense-576b50b7cfec
      I have added my HOSTED-ZONE-ID in the JSON script
      It produced this output:
      Please see attached images -
      pf_aws.png

      route53.png

      The operating system my web server runs on is (include version):
      2.4.4-RELEASE-p1 (amd64)
      built on Mon Nov 26 11:40:26 EST 2018
      FreeBSD 11.2-RELEASE-p4

      Acme version = 0.5.5_1

      Appreciate your help and pointers.

      Thanks.

        codensnap

        Hi all,

        I have an update-

        The issue was that I had bought the domain through Google Domains, but I was trying to set up dynamic DNS + Let's Encrypt for this domain through AWS. I’m not sure how domain ownership works, but this apparently is not correct. Obviously, if this method worked, people would be able to set up dynamic DNS for any random domains they did not own! 😁

        So I bought another domain through AWS, set up dynamic DNS + Let's Encrypt both on AWS, repeated the process, and it worked!

        Any idea why I can’t use the domain purchased on Google Domains with dynamic + Let's Encrypt on AWS? Should I set up some kind of backpointer from Google Domains to AWS for AWS to be able to host a dynamic DNS domain? Is this what I need to do? -
        https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html

        I don’t want to transfer the domain from Google Domains to AWS.

        Thanks.

          rkgraves

          CodenSnap, (I know this is an old thread, but in case this might help others)

          I'm working on a similar setup (domain registered with Google and hosting DNS with either CloudFlare or AWS Route53). In domain.google.com there is an option to switch your DNS to "manual". Once switched to manual, you have the option to enter DNS servers for your domain. I can enter either Route53 or CloudFlare. In either service I then add my DNS instance and create my zone. From there I was able to use Dynamic DNS, add A, AAAA, & TXT records, etc., with either DNS provider. Have not yet got the ACME client to work. But best I can tell, there is no negative with registering a domain with Google and then hosting your DNS with another provider.

          Best Regards,
          RKGraves

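A preflight check for the delegation question raised in this thread, as an added example that is not part of any post or of the pfSense ACME package: it compares the name servers public DNS returns for a zone with the Route53 hosted zone's delegation set, because a DNS-01 challenge TXT record written to a hosted zone that the registrar does not delegate to is never seen by the CA. The domain, name servers, zone ID and both command outputs are constructed samples, and the function names are hypothetical.

```python
import json

# Constructed `dig NS example.org` answer: registrar's own name servers still authoritative.
DIG_REGISTRAR = """\
; <<>> DiG <<>> NS example.org
example.org.  21600  IN  NS  ns1.registrar-dns.example.
example.org.  21600  IN  NS  ns2.registrar-dns.example.
"""
# Constructed answer after the registrar is switched to the hosted zone's name servers.
DIG_ROUTE53 = """\
example.org.  172800  IN  NS  NS-1.AWSDNS.EXAMPLE.NET.
example.org.  172800  IN  NS  ns-2.awsdns.example.com.
"""
# Constructed JSON shaped like `aws route53 get-hosted-zone --id <zone-id>` output.
HOSTED_ZONE = """{
  "HostedZone": {"Id": "/hostedzone/ZEXAMPLE", "Name": "example.org."},
  "DelegationSet": {"NameServers": ["ns-1.awsdns.example.net", "ns-2.awsdns.example.com"]}
}"""

def norm(name):
    """DNS names compare case-insensitively and without the trailing dot."""
    return name.strip().rstrip(".").lower()

def delegated_ns(dig_output, zone):
    """Return the NS targets that public DNS publishes for `zone`."""
    found = set()
    for line in dig_output.splitlines():
        fields = line.split()
        if line.startswith(";") or len(fields) < 5:
            continue  # skip dig comments and blank or short lines
        owner, _ttl, _cls, rtype, target = fields[:5]
        if rtype.upper() == "NS" and norm(owner) == norm(zone):
            found.add(norm(target))
    return found

def dns01_preflight(dig_output, hosted_zone_json):
    """Say whether TXT records written to the hosted zone are publicly resolvable."""
    doc = json.loads(hosted_zone_json)
    zone = doc["HostedZone"]["Name"]
    expected = {norm(n) for n in doc["DelegationSet"]["NameServers"]}
    actual = delegated_ns(dig_output, zone)
    if not actual:
        return "no-ns-answer", sorted(expected)
    if actual == expected:
        return "delegated", []
    if actual & expected:
        return "partial", sorted(actual ^ expected)  # servers on one side only
    return "not-delegated", sorted(actual)  # challenge TXT in Route53 is never seen
```

`dns01_preflight(DIG_REGISTRAR, HOSTED_ZONE)` returns `not-delegated` with the registrar's name servers, and the same call with `DIG_ROUTE53` returns `delegated`.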
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.