Acme DNS-NSupdate / RFC 2136
-
acme 0.2.6 DNS-NSupdate / RFC 2136 in PF2.4.3 not work.
i have test v1 and v2. it is can't use TSIG for update.
Renewing certificateaccount: xiao@on.org
server: letsencrypt-production/usr/local/pkg/acme/acme.sh –issue -d 'xiao.net' --home '/tmp/acme/xiao.net-xmpp/' --accountconf '/tmp/acme/xiao.net-xmpp/accountconf.conf' --force --reloadCmd '/tmp/acme/xiao.net-xmpp/reloadcmd.sh' --dns 'dns_nsupdate' --log-level 3 --log '/tmp/acme/xiao.net-xmpp/acme_issuecert.log'
Array
(
[path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[NSUPDATE_SERVER] => /tmp/acme/xiao.net-xmpp/xiao.net/nsupdate
[NSUPDATE_KEYNAME] =>
[NSUPDATE_KEYALGO] => 157
[NSUPDATE_KEY] => /tmp/acme/xiao.net-xmpp/xiao.net/nsupdate
)
[Tue Apr 3 13:08:25 CST 2018] Single domain='xiao.net'
[Tue Apr 3 13:08:25 CST 2018] Getting domain auth token for each domain
[Tue Apr 3 13:08:25 CST 2018] Getting webroot for domain='xiao.net'
[Tue Apr 3 13:08:25 CST 2018] Getting new-authz for domain='xiao.net'
[Tue Apr 3 13:08:32 CST 2018] The new-authz request is ok.
[Tue Apr 3 13:08:32 CST 2018] Found domain api file: /usr/local/pkg/acme/dnsapi/dns_nsupdate.sh
[Tue Apr 3 13:08:32 CST 2018] adding _acme-challenge.xiao.net. 60 in txt "tLfHes4-b6Q9-dRkkOrX1yFN1s4QLAKQ6OxGY2e7RKg"
dns_request_getresponse: expected a TSIG or SIG(0)
[Tue Apr 3 13:08:32 CST 2018] error updating domain
[Tue Apr 3 13:08:32 CST 2018] Error add txt for domain:_acme-challenge.xiao.net
[Tue Apr 3 13:08:32 CST 2018] Please check log file for more details: /tmp/acme/xiao.net-xmpp/acme_issuecert.log
-
You need to have an RFC2136 server to update:
-
You need to have an RFC2136 server to update:
the services_dyndns.php is normal work.
but acme update not work.
-
The code is fine, it works for me and hundreds, maybe thousands, of others.
Something is wrong in your settings or with your DNS provider.
