Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ACME 0.6.9_1 DNS ISPConfig Record ID: 'false}'

    Scheduled Pinned Locked Moved ACME
    4 Posts 3 Posters 751 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MarcinSempek
      last edited by MarcinSempek

      Hello,
      I have a problem with adding TXT record to DNS on ISPConfig, certificate generation ends with an error when trying to write data to DNS server.

      ACME log

      pf.example.pl
      Renewing certificate 
      account: Testowy 
      server: letsencrypt-staging-2 
      
      /usr/local/pkg/acme/acme.sh  --issue  --domain 'pf.example.pl' --dns 'dns_ispconfig'  --home '/tmp/acme/pf.example.pl/' --accountconf '/tmp/acme/pf.example.pl/accountconf.conf' --force --reloadCmd '/tmp/acme/pf.example.pl/reloadcmd.sh' --log-level 3 --log '/tmp/acme/pf.example.pl/acme_issuecert.log'
      Array
      (
          [path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
          [PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
          [ISPC_User] => API_pf.example.pl
          [ISPC_Password] => 123123123
          [ISPC_Api] => https://isp2.example.pl:8080/remote/json.php
          [ISPC_Api_Insecure] => 1
      )
      [Wed Oct 28 13:32:09 CET 2020] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
      [Wed Oct 28 13:32:09 CET 2020] Single domain='pf.example.pl'
      [Wed Oct 28 13:32:09 CET 2020] Getting domain auth token for each domain
      [Wed Oct 28 13:32:13 CET 2020] Getting webroot for domain='pf.example.pl'
      [Wed Oct 28 13:32:13 CET 2020] Adding txt value: zjzcvMo7wg38mvYRuHClkKFnWew9oahsiXl4XKCmPJY for domain:  _acme-challenge.pf.example.pl
      [Wed Oct 28 13:32:13 CET 2020] Getting Session ID
      [Wed Oct 28 13:32:14 CET 2020] Retrieved Session ID.
      [Wed Oct 28 13:32:14 CET 2020] Getting Zoneinfo
      [Wed Oct 28 13:32:14 CET 2020] Retrieved zone data.
      [Wed Oct 28 13:32:14 CET 2020] Retrieved Server ID
      [Wed Oct 28 13:32:14 CET 2020] Retrieved Zone ID
      [Wed Oct 28 13:32:14 CET 2020] Retrieved Client ID.
      [Wed Oct 28 13:32:14 CET 2020] Couldn't add ACME Challenge TXT record to zone.
      [Wed Oct 28 13:32:14 CET 2020] Error add txt for domain:_acme-challenge.pf.example.pl
      [Wed Oct 28 13:32:14 CET 2020] Please check log file for more details: /tmp/acme/pf.example.pl/acme_issuecert.log
      
      

      acme_issuecert.log

      [Wed Oct 28 11:11:49 CET 2020] Calling _ISPC_addTxt: '{"session_id":"a02d9db6d06e386e93c2fdb54d5225cb","client_id":"1","params":{"server_id":"1","zone":"3","name":"_acme-challenge.pf.example.pl.","type"             :"txt","data":"IUQ3CZNFWpca03fc1oysACTVNhXjxwbANb09EKxa19Q","aux":"0","ttl":"3600","active":"y","stamp":"2020-10-28 11:11:46","serial":"1603879906"},"update_serial":true}' 'https://isp2.example.pl:8080/remote/json.php?dns_txt_add'
      [Wed Oct 28 11:11:49 CET 2020] Result of _ISPC_addTxt: '{"code":"remote_fault","message":"Incorrect integer value: '' for column `dbispconfig`.`dns_rr`.`sys_userid` at row 1 INSERT INTO `dns_rr` (`server_id`, `zone`, `name`, `type`, `data`, `ttl`, `active`, `stamp`, `serial`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`) VALUES ('1', '3', '_acme-challenge.pf.example.pl.', 'txt', 'IUQ3CZNFWpca03fc1oysACTVNhXjxwbANb09EKxa19Q', '3600', 'y', '2020-10-28 11:11:46', '1603879906', '', '', 'riud', 'riud', '')","response":false}'
      [Wed Oct 28 11:11:49 CET 2020] Record ID: 'false}'
      [Wed Oct 28 11:11:49 CET 2020] Couldn't add ACME Challenge TXT record to zone.
      [Wed Oct 28 11:11:49 CET 2020] Error add txt for domain:_acme-challenge.pf.example.pl
      [Wed Oct 28 11:11:49 CET 2020] _on_issue_err
      [Wed Oct 28 11:11:49 CET 2020] Please check log file for more details: /tmp/acme/pf.example.pl/acme_issuecert.log
      
      

      Can someone help why ACME does not finish writing to the DNS correctly?
      Thank you for your help with this problem.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Looks like something might have changed on the server side for ispconfig that needs an update in the acme.sh (not pfSense code) or maybe something is different about your ispconfig setup compared to others.

        I see https://github.com/acmesh-official/acme.sh/issues/2705 which seems similar but is still open upstream, they haven't put in a fix for it.

        Remember: Upvote with the πŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • M
          MarcinSempek
          last edited by

          I have added the corrected code fragments from https://github.com/acmesh-official/acme.sh/issues/2705 to the file dns_ispconfig.sh on pfSense

          dns_ispconfig.sh now looks like this:

          #!/usr/bin/env sh
          
          # ISPConfig 3.1 API
          # User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to:
          # - DNS txt Functions
          
          # Report bugs to https://github.com/sjau/acme.sh
          
          # Values to export:
          # export ISPC_User="remoteUser"
          # export ISPC_Password="remotePassword"
          # export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php"
          # export ISPC_Api_Insecure=1     # Set 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1)
          
          ########  Public functions #####################
          
          #Usage: dns_myapi_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
          dns_ispconfig_add() {
            fulldomain="${1}"
            txtvalue="${2}"
            _debug "Calling: dns_ispconfig_add() '${fulldomain}' '${txtvalue}'"
            _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt
          }
          
          #Usage: dns_myapi_rm   _acme-challenge.www.domain.com
          dns_ispconfig_rm() {
            fulldomain="${1}"
            _debug "Calling: dns_ispconfig_rm() '${fulldomain}'"
            _ISPC_credentials && _ISPC_login && _ISPC_rmTxt
          }
          
          ####################  Private functions below ##################################
          
          _ISPC_credentials() {
            if [ -z "${ISPC_User}" ] || [ -z "$ISPC_Password" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ]; then
              ISPC_User=""
              ISPC_Password=""
              ISPC_Api=""
              ISPC_Api_Insecure=""
              _err "You haven't specified the ISPConfig Login data, URL and whether you want check the ISPC SSL cert. Please try again."
              return 1
            else
              _saveaccountconf ISPC_User "${ISPC_User}"
              _saveaccountconf ISPC_Password "${ISPC_Password}"
              _saveaccountconf ISPC_Api "${ISPC_Api}"
              _saveaccountconf ISPC_Api_Insecure "${ISPC_Api_Insecure}"
              # Set whether curl should use secure or insecure mode
              export HTTPS_INSECURE="${ISPC_Api_Insecure}"
            fi
          }
          
          _ISPC_login() {
            _info "Getting Session ID"
            curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}"
            curResult="$(_post "${curData}" "${ISPC_Api}?login")"
            _debug "Calling _ISPC_login: '${curData}' '${ISPC_Api}?login'"
            _debug "Result of _ISPC_login: '$curResult'"
            if _contains "${curResult}" '"code":"ok"'; then
              sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
              _info "Retrieved Session ID."
              _debug "Session ID: '${sessionID}'"
            else
              _err "Couldn't retrieve the Session ID."
              return 1
            fi
          }
          
          _ISPC_getZoneInfo() {
            _info "Getting Zoneinfo"
            zoneEnd=false
            curZone="${fulldomain}"
            while [ "${zoneEnd}" = false ]; do
              # we can strip the first part of the fulldomain, since it's just the _acme-challenge string
              curZone="${curZone#*.}"
              # suffix . needed for zone -> domain.tld.
              curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"origin\":\"${curZone}.\"}}"
              curResult="$(_post "${curData}" "${ISPC_Api}?dns_zone_get")"
              _debug "Calling _ISPC_getZoneInfo: '${curData}' '${ISPC_Api}?login'"
              _debug "Result of _ISPC_getZoneInfo: '$curResult'"
              if _contains "${curResult}" '"id":"'; then
                zoneFound=true
                zoneEnd=true
                _info "Retrieved zone data."
                _debug "Zone data: '${curResult}'"
              fi
              if [ "${curZone#*.}" != "$curZone" ]; then
                _debug2 "$curZone still contains a '.' - so we can check next higher level"
              else
                zoneEnd=true
                _err "Couldn't retrieve zone data."
                return 1
              fi
            done
            if [ "${zoneFound}" ]; then
              server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
              _debug "Server ID: '${server_id}'"
              case "${server_id}" in
              '' | *[!0-9]*)
                _err "Server ID is not numeric."
                return 1
                ;;
              *) _info "Retrieved Server ID" ;;
              esac
              zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
              _debug "Zone: '${zone}'"
              case "${zone}" in
              '' | *[!0-9]*)
                _err "Zone ID is not numeric."
                return 1
                ;;
              *) _info "Retrieved Zone ID" ;;
              esac
          #    client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
          #    _debug "Client ID: '${client_id}'"
          #    case "${client_id}" in
               sys_userid=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
               _debug "SYS User ID: '${sys_userid}'"
               case "${sys_userid}" in
              '' | *[!0-9]*)
          #      _err "Client ID is not numeric."
          	  _err "User ID is not numeric."
                return 1
                ;;
          #    *) _info "Retrieved Client ID." ;;
          	*) _info "Retrieved SYS User ID." ;;
              esac
              zoneFound=""
              zoneEnd=""
            fi
          }
          
          _ISPC_addTxt() {
            curSerial="$(date +%s)"
            curStamp="$(date +'%F %T')"
            params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}.\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\""
          #  curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}},\"update_serial\":true}"
          #  curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_add")"
          #  _debug "Calling _ISPC_addTxt: '${curData}' '${ISPC_Api}?dns_txt_add'"
          #  _debug "Result of _ISPC_addTxt: '$curResult'"
          #  record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
          #  _debug "Record ID: '${record_id}'"
          #  case "${record_id}" in
          #  '' | *[!0-9]*)
          #    _err "Couldn't add ACME Challenge TXT record to zone."
          #    return 1
          #    ;;
          #  *) _info "Added ACME Challenge TXT record to zone." ;;
          #  esac
            curData="{\"session_id\":\"${sessionID}\",\"sys_userid\":\"${sys_userid}\"}"
            curResult="$(_post "${curData}" "${ISPC_Api}?client_get_id")"
            client_id=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2 | tr -d '{}')
            _debug "Client ID: '${client_id}'"
            case "${client_id}" in
              '' | *[!0-9]*)
              _err "Client ID is not numeric."
              return 1
              ;;
              *) _info "Retrieved Client ID." ;;
            esac
          }
          
          
          
          _ISPC_rmTxt() {
            # Need to get the record ID.
            curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}}"
            curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")"
            _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_get'"
            _debug "Result of _ISPC_rmTxt: '$curResult'"
            if _contains "${curResult}" '"code":"ok"'; then
              record_id=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
              _debug "Record ID: '${record_id}'"
              case "${record_id}" in
              '' | *[!0-9]*)
                _err "Record ID is not numeric."
                return 1
                ;;
              *)
                unset IFS
                _info "Retrieved Record ID."
                curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\",\"update_serial\":true}"
                curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")"
                _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_delete'"
                _debug "Result of _ISPC_rmTxt: '$curResult'"
                if _contains "${curResult}" '"code":"ok"'; then
                  _info "Removed ACME Challenge TXT record from zone."
                else
                  _err "Couldn't remove ACME Challenge TXT record from zone."
                  return 1
                fi
                ;;
              esac
            fi
          }
          
          

          When I run crt generation in pfSense ACME, in acme_issuecert.log I see an attempt to verify the url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.1.pf.example.pl&type=TXT' in a loop every 10 seconds.

          [Thu Oct 29 08:54:33 CET 2020] Let's wait 10 seconds and check again.
          [Thu Oct 29 08:54:43 CET 2020] _is_idn_d='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] _idn_temp
          [Thu Oct 29 08:54:43 CET 2020] _is_idn_d='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] _idn_temp
          [Thu Oct 29 08:54:43 CET 2020] d='1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] txtdomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] aliasDomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
          [Thu Oct 29 08:54:43 CET 2020] d_api='/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh'
          [Thu Oct 29 08:54:43 CET 2020] Checking 1.pf.example.pl for _acme-challenge.1.pf.example.pl
          [Thu Oct 29 08:54:43 CET 2020] _c_txtdomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] _c_aliasdomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] _c_txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
          [Thu Oct 29 08:54:43 CET 2020] Detect dns server first.
          [Thu Oct 29 08:54:43 CET 2020] GET
          [Thu Oct 29 08:54:43 CET 2020] url='https://cloudflare-dns.com'
          [Thu Oct 29 08:54:43 CET 2020] timeout=
          [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
          [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
          [Thu Oct 29 08:54:43 CET 2020] ret='0'
          [Thu Oct 29 08:54:43 CET 2020] Use cloudflare doh server
          [Thu Oct 29 08:54:43 CET 2020] _ns_ep='https://cloudflare-dns.com/dns-query'
          [Thu Oct 29 08:54:43 CET 2020] _ns_domain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] _ns_type='TXT'
          [Thu Oct 29 08:54:43 CET 2020] GET
          [Thu Oct 29 08:54:43 CET 2020] url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.1.pf.example.pl&type=TXT'
          [Thu Oct 29 08:54:43 CET 2020] timeout=
          [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
          [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
          [Thu Oct 29 08:54:43 CET 2020] ret='0'
          [Thu Oct 29 08:54:43 CET 2020] response='{"Status":3,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"_acme-challenge.1.pf.example.pl","type":16}],"Authority":[{"name":"pf.example.pl","type":6,"TTL":3600,"data":"ns1.pf.example.pl. admin.pf.example.pl. 2020102905 7200 540 604800 3600"}]}'
          [Thu Oct 29 08:54:43 CET 2020] _answers
          [Thu Oct 29 08:54:43 CET 2020] Not valid yet, let's wait 10 seconds and check next one.
          [Thu Oct 29 08:54:43 CET 2020] _p_txtdomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:54:43 CET 2020] Cloudflare purge TXT record for domain _acme-challenge.1.pf.example.pl
          [Thu Oct 29 08:54:43 CET 2020] POST
          [Thu Oct 29 08:54:43 CET 2020] _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.1.pf.example.pl&type=TXT'
          [Thu Oct 29 08:54:43 CET 2020] body
          [Thu Oct 29 08:54:43 CET 2020] _postContentType
          [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
          [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
          [Thu Oct 29 08:54:44 CET 2020] _ret='0'
          [Thu Oct 29 08:54:44 CET 2020] response='{"msg":"Purge request queued. Please wait a few seconds and verify the request was successful."}'
          [Thu Oct 29 08:54:54 CET 2020] Let's wait 10 seconds and check again.
          

          After unsuccessful verification attempts _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.1.pf.example.pl&type=TXT'' the script proceeded to remove TXT entry, ended with Record ID is not numeric error.

          [Thu Oct 29 08:55:04 CET 2020] Removing DNS records.
          [Thu Oct 29 08:55:04 CET 2020] d='1.pf.example.pl'
          [Thu Oct 29 08:55:04 CET 2020] txtdomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:55:04 CET 2020] aliasDomain='_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:55:04 CET 2020] _currentRoot='dns_ispconfig'
          [Thu Oct 29 08:55:04 CET 2020] txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
          [Thu Oct 29 08:55:04 CET 2020] d_api='/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh'
          [Thu Oct 29 08:55:04 CET 2020] dns_ispconfig_rm exists=0
          [Thu Oct 29 08:55:04 CET 2020] Removing txt: GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks for domain: _acme-challenge.1.pf.example.pl
          [Thu Oct 29 08:55:04 CET 2020] Calling: dns_ispconfig_rm() '_acme-challenge.1.pf.example.pl'
          [Thu Oct 29 08:55:04 CET 2020] OK
          [Thu Oct 29 08:55:04 CET 2020] 5:ISPC_User='API_pf.example.pl'
          [Thu Oct 29 08:55:04 CET 2020] OK
          [Thu Oct 29 08:55:04 CET 2020] 6:ISPC_Password='123123123'
          [Thu Oct 29 08:55:04 CET 2020] OK
          [Thu Oct 29 08:55:04 CET 2020] 7:ISPC_Api='https://isp2.example.pl:8080/remote/json.php'
          [Thu Oct 29 08:55:04 CET 2020] OK
          [Thu Oct 29 08:55:04 CET 2020] 8:ISPC_Api_Insecure='1'
          [Thu Oct 29 08:55:04 CET 2020] Getting Session ID
          [Thu Oct 29 08:55:04 CET 2020] POST
          [Thu Oct 29 08:55:04 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?login'
          [Thu Oct 29 08:55:04 CET 2020] body='{"username":"API_pf.example.pl","password":"A9gvU$2Q55LeGb","client_login":false}'
          [Thu Oct 29 08:55:04 CET 2020] _postContentType
          [Thu Oct 29 08:55:04 CET 2020] Http already initialized.
          [Thu Oct 29 08:55:04 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
          [Thu Oct 29 08:55:04 CET 2020] _ret='0'
          [Thu Oct 29 08:55:04 CET 2020] Calling _ISPC_login: '{"username":"API_pf.example.pl","password":"123123123","client_login":false}' 'https://isp2.example.pl:8080/remote/json.php?login'
          [Thu Oct 29 08:55:04 CET 2020] Result of _ISPC_login: '{"code":"ok","message":"","response":"fa7647c0a7e5a3679ee108777140ebe9"}'
          [Thu Oct 29 08:55:04 CET 2020] Retrieved Session ID.
          [Thu Oct 29 08:55:04 CET 2020] Session ID: 'fa7647c0a7e5a3679ee108777140ebe9'
          [Thu Oct 29 08:55:04 CET 2020] POST
          [Thu Oct 29 08:55:04 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?dns_txt_get'
          [Thu Oct 29 08:55:04 CET 2020] body='{"session_id":"fa7647c0a7e5a3679ee108777140ebe9","primary_id":{"name":"_acme-challenge.1.pf.example.pl.","type":"TXT"}}'
          [Thu Oct 29 08:55:04 CET 2020] _postContentType
          [Thu Oct 29 08:55:04 CET 2020] Http already initialized.
          [Thu Oct 29 08:55:04 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
          [Thu Oct 29 08:55:04 CET 2020] _ret='0'
          [Thu Oct 29 08:55:04 CET 2020] Calling _ISPC_rmTxt: '{"session_id":"fa7647c0a7e5a3679ee108777140ebe9","primary_id":{"name":"_acme-challenge.1.pf.example.pl.","type":"TXT"}}' 'https://isp2.example.pl:8080/remote/json.php?dns_txt_get'
          [Thu Oct 29 08:55:04 CET 2020] Result of _ISPC_rmTxt: '{"code":"ok","message":"","response":[]}'
          [Thu Oct 29 08:55:04 CET 2020] Record ID: ''
          [Thu Oct 29 08:55:04 CET 2020] Record ID is not numeric.
          [Thu Oct 29 08:55:04 CET 2020] Error removing txt for domain:_acme-challenge.1.pf.example.pl
          

          The acme_issuecert.log where the TXT record is sent to the ISPConfig is: The txt record is added: Success. There is no such TXT entry in the DNS records on ISPConfig. Can someone verify that sometimes I have not done something wrong by correcting dns_ispconfig.sh.

          [Thu Oct 29 08:34:42 CET 2020] pf.example.pl still contains a '.' - so we can check next higher level
          [Thu Oct 29 08:34:42 CET 2020] Server ID: '1'
          [Thu Oct 29 08:34:42 CET 2020] Retrieved Server ID
          [Thu Oct 29 08:34:42 CET 2020] Zone: '3'
          [Thu Oct 29 08:34:42 CET 2020] Retrieved Zone ID
          [Thu Oct 29 08:34:42 CET 2020] SYS User ID: '1'
          [Thu Oct 29 08:34:42 CET 2020] Retrieved SYS User ID.
          [Thu Oct 29 08:34:42 CET 2020] POST
          [Thu Oct 29 08:34:42 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?client_get_id'
          [Thu Oct 29 08:34:42 CET 2020] body='{"session_id":"ea46b5167936f14d79e2a23a65ce2e39","sys_userid":"1"}'
          [Thu Oct 29 08:34:42 CET 2020] _postContentType
          [Thu Oct 29 08:34:42 CET 2020] Http already initialized.
          [Thu Oct 29 08:34:42 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
          [Thu Oct 29 08:34:42 CET 2020] _ret='0'
          [Thu Oct 29 08:34:42 CET 2020] Client ID: '0'
          [Thu Oct 29 08:34:42 CET 2020] Retrieved Client ID.
          [Thu Oct 29 08:34:42 CET 2020] The txt record is added: Success.
          [Thu Oct 29 08:34:42 CET 2020] 1.pf.example.pl,_acme-challenge.1.pf.example.pl,,dns_ispconfig,GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks,/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh
          
          
          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @MarcinSempek
            last edited by

            @MarcinSempek said in ACME 0.6.9_1 DNS ISPConfig Record ID: 'false}':

            Can someone verify

            That some one should actually use acme.sh AND the "ISPConfig API".
            Even the thread at github => acme doesn't show many people with the issue.
            Still, try posting there to revive the subject.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.