ACME Add txt record error.



  • Hello everybody :)

    Last time I renewed the certificate was on 5/4 and it worked fine (production2 server); now it has been giving an error for 10 days or so and renewal fails. I use the GoDaddy DNS method.

    On Issue/Renew:

    [Wed Apr 25 09:54:48 CEST 2018] Registering account
    [Wed Apr 25 09:54:50 CEST 2018] Already registered
    [Wed Apr 25 09:54:50 CEST 2018] ACCOUNT_THUMBPRINT='25uj_xYKyNohDnc8xxxx1xLsM1UZEZDme4o-IgaY6SE'
    [Wed Apr 25 09:54:50 CEST 2018] Single domain='MYDOMAIN.com'
    [Wed Apr 25 09:54:50 CEST 2018] Getting domain auth token for each domain
    [Wed Apr 25 09:54:51 CEST 2018] Getting webroot for domain='MYDOMAIN.com'
    [Wed Apr 25 09:54:51 CEST 2018] Found domain api file: /usr/local/pkg/acme/dnsapi/dns_gd.sh
    [Wed Apr 25 09:54:53 CEST 2018] Adding record
    [Wed Apr 25 09:54:53 CEST 2018] Add txt record error.
    [Wed Apr 25 09:54:53 CEST 2018] 
    [Wed Apr 25 09:54:53 CEST 2018] Error add txt for domain:_acme-challenge.MYDOMAIN.com
    [Wed Apr 25 09:54:53 CEST 2018] Please check log file for more details: /tmp/acme/MYDOMAIN.com/acme_issuecert.log
    

    In acme_issuecert.log, for more detail:

    [Wed Apr 25 09:54:53 CEST 2018] Adding record
    [Wed Apr 25 09:54:53 CEST 2018] domains/MYDOMAIN.com/records/TXT/_acme-challenge
    [Wed Apr 25 09:54:53 CEST 2018] data='[{"data":"EVqmuakBKORv-Yvascs7UAPbMZdpCuoIJIXl0Ja3TPU"}]'
    [Wed Apr 25 09:54:53 CEST 2018] PUT
    [Wed Apr 25 09:54:53 CEST 2018] _post_url='https://api.godaddy.com/v1/domains/MYDOMAIN.com/records/TXT/_acme-challenge'
    [Wed Apr 25 09:54:53 CEST 2018] body='[{"data":"EVqmuakBKORv-Yvascs7UAPbMZdpCuoIJIXl0Ja3TPU"}]'
    [Wed Apr 25 09:54:53 CEST 2018] _postContentType
    [Wed Apr 25 09:54:53 CEST 2018] Http already initialized.
    [Wed Apr 25 09:54:53 CEST 2018] _CURL='curl -L --silent --dump-header /tmp/acme/MYDOMAIN.com//http.header  -g '
    [Wed Apr 25 09:54:53 CEST 2018] _ret='0'
    [Wed Apr 25 09:54:53 CEST 2018] response
    [Wed Apr 25 09:54:53 CEST 2018] Add txt record error.
    [Wed Apr 25 09:54:53 CEST 2018] 
    [Wed Apr 25 09:54:53 CEST 2018] Error add txt for domain:_acme-challenge.MYDOMAIN.com
    [Wed Apr 25 09:54:53 CEST 2018] pid
    [Wed Apr 25 09:54:53 CEST 2018] No need to restore nginx, skip.
    [Wed Apr 25 09:54:53 CEST 2018] _clearupdns
    [Wed Apr 25 09:54:53 CEST 2018] skip dns.
    [Wed Apr 25 09:54:53 CEST 2018] _on_issue_err
    [Wed Apr 25 09:54:53 CEST 2018] Please check log file for more details: /tmp/acme/MYDOMAIN.com/acme_issuecert.log
    
    

    The TXT challenge is correctly written, but it fails with "error add txt".

    In the ACME Authz:

    {
      "identifier": {
        "type": "dns",
        "value": "MYDOMAIN.com"
      },
      "status": "invalid",
      "expires": "2018-05-02T07:54:50Z",
      "challenges": [
        {
          "type": "dns-01",
          "status": "invalid",
          "error": {
            "type": "urn:ietf:params:acme:error:dns",
            "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.MYDOMAIN.com",
            "status": 400
          },
          "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/OPHou3FWj9wxxxxK20sd_b7x_0vYPEjZA_ZZbZUku4/4367165012",
          "token": "xxxx9DnR59sOncqCjfohAV-srGUbCimXWwyZ3frtGns"
        },
        {
          "type": "http-01",
          "status": "invalid",
          "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/OPHou3FWj9wxxxxK20sd_b7x_0vYPEjZA_ZZbZUku4/4367165013",
          "token": "xxxxiI76PRyeLsjFt0ItJ_t7w32-QcuqLQK689X-QHA"
        }
      ]
    }
    

    I should have blacked out everything relative to my real data.


  • Rebel Alliance Developer Netgate

    Looks like an upstream bug due to a change in the GoDaddy server responses:

    https://github.com/Neilpang/acme.sh/issues/1539

    Next time I sync up the ACME package code it will work again.



  • @jimp:

    Looks like an upstream bug due to a change in the GoDaddy server responses:

    https://github.com/Neilpang/acme.sh/issues/1539

    Next time I sync up the ACME package code it will work again.

    Great, going to report results when fixed, thank you!


  • Rebel Alliance Developer Netgate

    It should be up any time now, as soon as things build. Might be 5-10 mins.



  • Fixed! That was fast ;D