    pf 2.4.4, ACME 0.6.4, Bind, Can't Pull Cert

      MeCJay12 last edited by

      Hello! I have a domain that I'd like to automate getting a wildcard cert for. I have the domain hosted on private Bind servers. When I run the following on a Linux host on my network, I can update the zone:

      <user>@Bound:~$ nsupdate
      server ns1.<doamin.com>
      key External <key>
      zone _acme-challenge.<doamin.com>
      update add _acme-challenge.<doamin.com> 600 IN A 192.168.1.1
      send
      update add _acme-challenge.<doamin.com> 600 IN TXT "Test"
      send

      On the other hand, I cannot get pfSense to update a record. Here is my ACME config that errors out:


      9cafd25f-1d77-43bb-a808-675330bb9b09-image.png
      7b171dff-5a86-4be1-a568-e274e5909d08-image.png

      And here's the error log: https://pastebin.com/TVu2uH9a. If I knew more about what I was looking at I'd truncate it but right now I'm just lost as to why this isn't working. Thanks in advance!

        MeCJay12 last edited by

        Update: When I try to set up Dynamic DNS RFC 2136 updates (just to test) I noticed this error:

        /services_rfc2136_edit.php: The command '/usr/local/bin/nsupdate -k /var/etc/nsupdatekey0 /var/etc/nsupdatecmds0' returned exit code '1', the output was 'check-names failed: bad owner '_acme-challenge.<doamin.com>' syntax error'

        I briefly looked up solutions but they mentioned puny-code and I still don't quite understand. Going to keep looking into this.
