Pfsense + acme plugin + route53 (dynamic dns) fails



  • Problem:
    Unable to issue/renew the certificate with Pfsense + acme plugin + route53 (dynamic dns).

    My domain is:
    dragon.vkgh.org

    I verified that Dynamic DNS with AWS works properly with the same user credentials. I followed the steps here:
    https://www.ceos3c.com/cloud/aws-with-pfsense-part-2-route53-dyndns-with-pfsense/

    For Let's Encrypt + AWS + pfSense, I followed:
    https://medium.com/@davidtstrauss/using-lets-encrypt-with-pfsense-576b50b7cfec
    I have added my HOSTED-ZONE-ID in the JSON script.
    It produced this output:
    Please see the attached images:
    pf_aws.png

    route53.png

    The operating system my web server runs on is (include version):
    2.4.4-RELEASE-p1 (amd64)
    built on Mon Nov 26 11:40:26 EST 2018
    FreeBSD 11.2-RELEASE-p4

    Acme version = 0.5.5_1

    Appreciate your help and pointers.

    Thanks.



  • Hi all,

    I have an update-

    The issue was that I had bought the domain through Google Domains, but I was trying to set up dynamic DNS + Let's Encrypt for this domain through AWS. I'm not sure how domain ownership works, but this apparently is not correct. Obviously, if this method worked, people would be able to set up dynamic DNS for any random domains they did not own! 😁

    So I bought another domain through AWS, set up dynamic DNS + Let's Encrypt both on AWS, repeated the process, and it worked!

    Any idea why I can't use the domain purchased on Google Domains with dynamic DNS + Let's Encrypt on AWS? Should I set up some kind of backpointer from Google Domains to AWS for AWS to be able to host a dynamic DNS domain? Is this what I need to do?
    https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/migrate-dns-domain-in-use.html

    I don’t want to transfer the domain from Google Domains to AWS.

    Thanks.

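The failure described in the update above (a Route53 hosted zone that the registrar never delegated to, so the dns-01 TXT record is invisible to Let's Encrypt) can be checked before running the ACME client. This is an added example, not code from the thread or from the pfSense acme package; it assumes `dig` and the AWS CLI are on the PATH, and the name server names in the sample data are constructed.

```python
"""Check whether a Route53 hosted zone is actually authoritative for a domain.

Let's Encrypt validates dns-01 by walking the public DNS tree from the root,
so an _acme-challenge TXT record written into a Route53 hosted zone only
counts if the registrar delegates the domain to that zone's name servers.
"""
import json
import subprocess


def normalize(ns_names):
    """Lower-case, drop trailing dots and blanks, de-duplicate."""
    return {n.strip().lower().rstrip(".") for n in ns_names if n.strip()}


def delegation_status(public_ns, zone_ns):
    """Compare the NS set the public DNS returns with the hosted zone's NS set.

    'delegated'     - registrar points at exactly the hosted zone's servers
    'partial'       - some overlap; validation may work but the setup is wrong
    'not-delegated' - no overlap (e.g. registrar still serves its own NS)
    """
    pub, zone = normalize(public_ns), normalize(zone_ns)
    if not pub or pub.isdisjoint(zone):
        return "not-delegated"
    return "delegated" if pub == zone else "partial"


def public_ns_records(domain):
    """Live lookup via dig (assumption: dig is installed)."""
    out = subprocess.run(["dig", "+short", "NS", domain],
                         capture_output=True, text=True, check=True).stdout
    return out.splitlines()


def route53_zone_ns(zone_id):
    """Live lookup of the zone's delegation set via the AWS CLI."""
    out = subprocess.run(["aws", "route53", "get-hosted-zone", "--id", zone_id,
                          "--output", "json"],
                         capture_output=True, text=True, check=True).stdout
    return json.loads(out)["DelegationSet"]["NameServers"]


# Constructed sample: registrar default NS vs. an AWS hosted zone's NS set.
REGISTRAR_NS = ["ns-cloud-d1.googledomains.com.", "ns-cloud-d2.googledomains.com."]
HOSTED_ZONE_NS = ["ns-1.awsdns-00.com", "ns-2.awsdns-00.net"]

if __name__ == "__main__":
    import sys
    status = delegation_status(public_ns_records(sys.argv[1]),
                               route53_zone_ns(sys.argv[2]))
    print(f"{sys.argv[1]}: {status}")
```

Run it as `python3 check_delegation.py example.org Z_HOSTED_ZONE_ID` (placeholder id); anything other than `delegated` means the registrar's NS records must be changed to the hosted zone's four servers before the pfSense acme package can validate.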
