Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Acme fails with DNSMadeEasy and need alternative

    ACME
    2
    3
    443
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cjbujold
      last edited by

      Hi,

      Prior to pfsense 2.4.5 we were using the DNSMadeEasy connection for acme for the past several years. However since the upgrade it no longer functions. We have spent the last several weeks working with DNSMadeEasy trying to determine the issue and they have advised us that it is something in the connector ( they believe we are using an older version of acme) which is not compatible with their system.

      They have advised us to find another solution. In that endeavor we have tried several alternate options ( webroot FTP (spfs) and standalone Http), and each seems to provide it's own failures. The issue on these new methods we tried seems to focus in our use of HaProxy to direct the websites to the correct backend servers.

      Is there a simple and straight forward tutorial/documentation that shows us how to implement acme with haproxy using, for example, the Standalone-http server method or any other that actually works.

      Any help would be appreciated

      Thanks

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @cjbujold
        last edited by

        @cjbujold said in Acme fails with DNSMadeEasy and need alternative:

        older version of acme

        Then what are you using ?

        The acme package of pfSense is using 2.8.6 from "the source".

        Btw : the best method, IMHO, is 'nsupdate' - if "DNSMadeEasy" really stands for what they say they are, they would offer this method.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • C
          cjbujold
          last edited by

          Using the latest. acme and PFsense. Updated this morning acme to 0.6.7. and will try to update again.

          With regards to your question is they do offer nsupdate, the issue is that it needs that all records have to be sent. we have over 250 records in our DNS and they are the primary. Concerned about something going wrong and affecting something else Before we upgraded to 2.4.5 and 0.6.6, the api to DNSmadeEasy was working for the past 3 years without a hitch.

          They are confirming the issue I see that the plugin is not negotiating the authentication properly "the API is saying that it is unable to verify the HMAC"

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.