Acme fails with DNSMadeEasy and need alternative
-
Hi,
Prior to pfsense 2.4.5 we were using the DNSMadeEasy connection for acme for the past several years. However since the upgrade it no longer functions. We have spent the last several weeks working with DNSMadeEasy trying to determine the issue and they have advised us that it is something in the connector ( they believe we are using an older version of acme) which is not compatible with their system.
They have advised us to find another solution. In that endeavor we have tried several alternate options ( webroot FTP (spfs) and standalone Http), and each seems to provide it's own failures. The issue on these new methods we tried seems to focus in our use of HaProxy to direct the websites to the correct backend servers.
Is there a simple and straight forward tutorial/documentation that shows us how to implement acme with haproxy using, for example, the Standalone-http server method or any other that actually works.
Any help would be appreciated
Thanks
-
@cjbujold said in Acme fails with DNSMadeEasy and need alternative:
older version of acme
Then what are you using ?
The acme package of pfSense is using 2.8.6 from "the source".
Btw : the best method, IMHO, is 'nsupdate' - if "DNSMadeEasy" really stands for what they say they are, they would offer this method.
-
Using the latest. acme and PFsense. Updated this morning acme to 0.6.7. and will try to update again.
With regards to your question is they do offer nsupdate, the issue is that it needs that all records have to be sent. we have over 250 records in our DNS and they are the primary. Concerned about something going wrong and affecting something else Before we upgraded to 2.4.5 and 0.6.6, the api to DNSmadeEasy was working for the past 3 years without a hitch.
They are confirming the issue I see that the plugin is not negotiating the authentication properly "the API is saying that it is unable to verify the HMAC"
