ACME 0.6.9_1 DNS ISPConfig Record ID: 'false}'


  • Hello,
    I have a problem with adding TXT record to DNS on ISPConfig, certificate generation ends with an error when trying to write data to DNS server.

    ACME log

    pf.example.pl
    Renewing certificate 
    account: Testowy 
    server: letsencrypt-staging-2 
    
    /usr/local/pkg/acme/acme.sh  --issue  --domain 'pf.example.pl' --dns 'dns_ispconfig'  --home '/tmp/acme/pf.example.pl/' --accountconf '/tmp/acme/pf.example.pl/accountconf.conf' --force --reloadCmd '/tmp/acme/pf.example.pl/reloadcmd.sh' --log-level 3 --log '/tmp/acme/pf.example.pl/acme_issuecert.log'
    Array
    (
        [path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
        [PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
        [ISPC_User] => API_pf.example.pl
        [ISPC_Password] => 123123123
        [ISPC_Api] => https://isp2.example.pl:8080/remote/json.php
        [ISPC_Api_Insecure] => 1
    )
    [Wed Oct 28 13:32:09 CET 2020] Using CA: https://acme-staging-v02.api.letsencrypt.org/directory
    [Wed Oct 28 13:32:09 CET 2020] Single domain='pf.example.pl'
    [Wed Oct 28 13:32:09 CET 2020] Getting domain auth token for each domain
    [Wed Oct 28 13:32:13 CET 2020] Getting webroot for domain='pf.example.pl'
    [Wed Oct 28 13:32:13 CET 2020] Adding txt value: zjzcvMo7wg38mvYRuHClkKFnWew9oahsiXl4XKCmPJY for domain:  _acme-challenge.pf.example.pl
    [Wed Oct 28 13:32:13 CET 2020] Getting Session ID
    [Wed Oct 28 13:32:14 CET 2020] Retrieved Session ID.
    [Wed Oct 28 13:32:14 CET 2020] Getting Zoneinfo
    [Wed Oct 28 13:32:14 CET 2020] Retrieved zone data.
    [Wed Oct 28 13:32:14 CET 2020] Retrieved Server ID
    [Wed Oct 28 13:32:14 CET 2020] Retrieved Zone ID
    [Wed Oct 28 13:32:14 CET 2020] Retrieved Client ID.
    [Wed Oct 28 13:32:14 CET 2020] Couldn't add ACME Challenge TXT record to zone.
    [Wed Oct 28 13:32:14 CET 2020] Error add txt for domain:_acme-challenge.pf.example.pl
    [Wed Oct 28 13:32:14 CET 2020] Please check log file for more details: /tmp/acme/pf.example.pl/acme_issuecert.log
    
    

    acme_issuecert.log

    [Wed Oct 28 11:11:49 CET 2020] Calling _ISPC_addTxt: '{"session_id":"a02d9db6d06e386e93c2fdb54d5225cb","client_id":"1","params":{"server_id":"1","zone":"3","name":"_acme-challenge.pf.example.pl.","type"             :"txt","data":"IUQ3CZNFWpca03fc1oysACTVNhXjxwbANb09EKxa19Q","aux":"0","ttl":"3600","active":"y","stamp":"2020-10-28 11:11:46","serial":"1603879906"},"update_serial":true}' 'https://isp2.example.pl:8080/remote/json.php?dns_txt_add'
    [Wed Oct 28 11:11:49 CET 2020] Result of _ISPC_addTxt: '{"code":"remote_fault","message":"Incorrect integer value: '' for column `dbispconfig`.`dns_rr`.`sys_userid` at row 1 INSERT INTO `dns_rr` (`server_id`, `zone`, `name`, `type`, `data`, `ttl`, `active`, `stamp`, `serial`, `sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`) VALUES ('1', '3', '_acme-challenge.pf.example.pl.', 'txt', 'IUQ3CZNFWpca03fc1oysACTVNhXjxwbANb09EKxa19Q', '3600', 'y', '2020-10-28 11:11:46', '1603879906', '', '', 'riud', 'riud', '')","response":false}'
    [Wed Oct 28 11:11:49 CET 2020] Record ID: 'false}'
    [Wed Oct 28 11:11:49 CET 2020] Couldn't add ACME Challenge TXT record to zone.
    [Wed Oct 28 11:11:49 CET 2020] Error add txt for domain:_acme-challenge.pf.example.pl
    [Wed Oct 28 11:11:49 CET 2020] _on_issue_err
    [Wed Oct 28 11:11:49 CET 2020] Please check log file for more details: /tmp/acme/pf.example.pl/acme_issuecert.log
    
    

    Can someone help why ACME does not finish writing to the DNS correctly?
    Thank you for your help with this problem.

  • Rebel Alliance Developer Netgate

    Looks like something might have changed on the server side for ispconfig that needs an update in the acme.sh (not pfSense code) or maybe something is different about your ispconfig setup compared to others.

    I see https://github.com/acmesh-official/acme.sh/issues/2705 which seems similar but is still open upstream, they haven't put in a fix for it.


  • I have added the corrected code fragments from https://github.com/acmesh-official/acme.sh/issues/2705 to the file dns_ispconfig.sh on pfSense

    dns_ispconfig.sh now looks like this:

    #!/usr/bin/env sh
    
    # ISPConfig 3.1 API
    # User must provide login data and URL to the ISPConfig installation incl. port. The remote user in ISPConfig must have access to:
    # - DNS txt Functions
    
    # Report bugs to https://github.com/sjau/acme.sh
    
    # Values to export:
    # export ISPC_User="remoteUser"
    # export ISPC_Password="remotePassword"
    # export ISPC_Api="https://ispc.domain.tld:8080/remote/json.php"
    # export ISPC_Api_Insecure=1     # Set 1 for insecure and 0 for secure -> difference is whether ssl cert is checked for validity (0) or whether it is just accepted (1)
    
    ########  Public functions #####################
    
    #Usage: dns_myapi_add   _acme-challenge.www.domain.com   "XKrxpRBosdIKFzxW_CT3KLZNf6q0HG9i01zxXp5CPBs"
    dns_ispconfig_add() {
      fulldomain="${1}"
      txtvalue="${2}"
      _debug "Calling: dns_ispconfig_add() '${fulldomain}' '${txtvalue}'"
      _ISPC_credentials && _ISPC_login && _ISPC_getZoneInfo && _ISPC_addTxt
    }
    
    #Usage: dns_myapi_rm   _acme-challenge.www.domain.com
    dns_ispconfig_rm() {
      fulldomain="${1}"
      _debug "Calling: dns_ispconfig_rm() '${fulldomain}'"
      _ISPC_credentials && _ISPC_login && _ISPC_rmTxt
    }
    
    ####################  Private functions below ##################################
    
    _ISPC_credentials() {
      if [ -z "${ISPC_User}" ] || [ -z "$ISPC_Password" ] || [ -z "${ISPC_Api}" ] || [ -z "${ISPC_Api_Insecure}" ]; then
        ISPC_User=""
        ISPC_Password=""
        ISPC_Api=""
        ISPC_Api_Insecure=""
        _err "You haven't specified the ISPConfig Login data, URL and whether you want check the ISPC SSL cert. Please try again."
        return 1
      else
        _saveaccountconf ISPC_User "${ISPC_User}"
        _saveaccountconf ISPC_Password "${ISPC_Password}"
        _saveaccountconf ISPC_Api "${ISPC_Api}"
        _saveaccountconf ISPC_Api_Insecure "${ISPC_Api_Insecure}"
        # Set whether curl should use secure or insecure mode
        export HTTPS_INSECURE="${ISPC_Api_Insecure}"
      fi
    }
    
    _ISPC_login() {
      _info "Getting Session ID"
      curData="{\"username\":\"${ISPC_User}\",\"password\":\"${ISPC_Password}\",\"client_login\":false}"
      curResult="$(_post "${curData}" "${ISPC_Api}?login")"
      _debug "Calling _ISPC_login: '${curData}' '${ISPC_Api}?login'"
      _debug "Result of _ISPC_login: '$curResult'"
      if _contains "${curResult}" '"code":"ok"'; then
        sessionID=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
        _info "Retrieved Session ID."
        _debug "Session ID: '${sessionID}'"
      else
        _err "Couldn't retrieve the Session ID."
        return 1
      fi
    }
    
    _ISPC_getZoneInfo() {
      _info "Getting Zoneinfo"
      zoneEnd=false
      curZone="${fulldomain}"
      while [ "${zoneEnd}" = false ]; do
        # we can strip the first part of the fulldomain, since it's just the _acme-challenge string
        curZone="${curZone#*.}"
        # suffix . needed for zone -> domain.tld.
        curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"origin\":\"${curZone}.\"}}"
        curResult="$(_post "${curData}" "${ISPC_Api}?dns_zone_get")"
        _debug "Calling _ISPC_getZoneInfo: '${curData}' '${ISPC_Api}?login'"
        _debug "Result of _ISPC_getZoneInfo: '$curResult'"
        if _contains "${curResult}" '"id":"'; then
          zoneFound=true
          zoneEnd=true
          _info "Retrieved zone data."
          _debug "Zone data: '${curResult}'"
        fi
        if [ "${curZone#*.}" != "$curZone" ]; then
          _debug2 "$curZone still contains a '.' - so we can check next higher level"
        else
          zoneEnd=true
          _err "Couldn't retrieve zone data."
          return 1
        fi
      done
      if [ "${zoneFound}" ]; then
        server_id=$(echo "${curResult}" | _egrep_o "server_id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
        _debug "Server ID: '${server_id}'"
        case "${server_id}" in
        '' | *[!0-9]*)
          _err "Server ID is not numeric."
          return 1
          ;;
        *) _info "Retrieved Server ID" ;;
        esac
        zone=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
        _debug "Zone: '${zone}'"
        case "${zone}" in
        '' | *[!0-9]*)
          _err "Zone ID is not numeric."
          return 1
          ;;
        *) _info "Retrieved Zone ID" ;;
        esac
    #    client_id=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    #    _debug "Client ID: '${client_id}'"
    #    case "${client_id}" in
         sys_userid=$(echo "${curResult}" | _egrep_o "sys_userid.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
         _debug "SYS User ID: '${sys_userid}'"
         case "${sys_userid}" in
        '' | *[!0-9]*)
    #      _err "Client ID is not numeric."
    	  _err "User ID is not numeric."
          return 1
          ;;
    #    *) _info "Retrieved Client ID." ;;
    	*) _info "Retrieved SYS User ID." ;;
        esac
        zoneFound=""
        zoneEnd=""
      fi
    }
    
    _ISPC_addTxt() {
      curSerial="$(date +%s)"
      curStamp="$(date +'%F %T')"
      params="\"server_id\":\"${server_id}\",\"zone\":\"${zone}\",\"name\":\"${fulldomain}.\",\"type\":\"txt\",\"data\":\"${txtvalue}\",\"aux\":\"0\",\"ttl\":\"3600\",\"active\":\"y\",\"stamp\":\"${curStamp}\",\"serial\":\"${curSerial}\""
    #  curData="{\"session_id\":\"${sessionID}\",\"client_id\":\"${client_id}\",\"params\":{${params}},\"update_serial\":true}"
    #  curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_add")"
    #  _debug "Calling _ISPC_addTxt: '${curData}' '${ISPC_Api}?dns_txt_add'"
    #  _debug "Result of _ISPC_addTxt: '$curResult'"
    #  record_id=$(echo "${curResult}" | _egrep_o "\"response.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
    #  _debug "Record ID: '${record_id}'"
    #  case "${record_id}" in
    #  '' | *[!0-9]*)
    #    _err "Couldn't add ACME Challenge TXT record to zone."
    #    return 1
    #    ;;
    #  *) _info "Added ACME Challenge TXT record to zone." ;;
    #  esac
      curData="{\"session_id\":\"${sessionID}\",\"sys_userid\":\"${sys_userid}\"}"
      curResult="$(_post "${curData}" "${ISPC_Api}?client_get_id")"
      client_id=$(echo "${curResult}" | _egrep_o "response.*" | cut -d ':' -f 2 | cut -d '"' -f 2 | tr -d '{}')
      _debug "Client ID: '${client_id}'"
      case "${client_id}" in
        '' | *[!0-9]*)
        _err "Client ID is not numeric."
        return 1
        ;;
        *) _info "Retrieved Client ID." ;;
      esac
    }
    
    
    
    _ISPC_rmTxt() {
      # Need to get the record ID.
      curData="{\"session_id\":\"${sessionID}\",\"primary_id\":{\"name\":\"${fulldomain}.\",\"type\":\"TXT\"}}"
      curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_get")"
      _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_get'"
      _debug "Result of _ISPC_rmTxt: '$curResult'"
      if _contains "${curResult}" '"code":"ok"'; then
        record_id=$(echo "${curResult}" | _egrep_o "\"id.*" | cut -d ':' -f 2 | cut -d '"' -f 2)
        _debug "Record ID: '${record_id}'"
        case "${record_id}" in
        '' | *[!0-9]*)
          _err "Record ID is not numeric."
          return 1
          ;;
        *)
          unset IFS
          _info "Retrieved Record ID."
          curData="{\"session_id\":\"${sessionID}\",\"primary_id\":\"${record_id}\",\"update_serial\":true}"
          curResult="$(_post "${curData}" "${ISPC_Api}?dns_txt_delete")"
          _debug "Calling _ISPC_rmTxt: '${curData}' '${ISPC_Api}?dns_txt_delete'"
          _debug "Result of _ISPC_rmTxt: '$curResult'"
          if _contains "${curResult}" '"code":"ok"'; then
            _info "Removed ACME Challenge TXT record from zone."
          else
            _err "Couldn't remove ACME Challenge TXT record from zone."
            return 1
          fi
          ;;
        esac
      fi
    }
    
    

    When I run crt generation in pfSense ACME, in acme_issuecert.log I see an attempt to verify the url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.1.pf.example.pl&type=TXT' in a loop every 10 seconds.

    [Thu Oct 29 08:54:33 CET 2020] Let's wait 10 seconds and check again.
    [Thu Oct 29 08:54:43 CET 2020] _is_idn_d='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] _idn_temp
    [Thu Oct 29 08:54:43 CET 2020] _is_idn_d='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] _idn_temp
    [Thu Oct 29 08:54:43 CET 2020] d='1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] txtdomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] aliasDomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
    [Thu Oct 29 08:54:43 CET 2020] d_api='/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh'
    [Thu Oct 29 08:54:43 CET 2020] Checking 1.pf.example.pl for _acme-challenge.1.pf.example.pl
    [Thu Oct 29 08:54:43 CET 2020] _c_txtdomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] _c_aliasdomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] _c_txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
    [Thu Oct 29 08:54:43 CET 2020] Detect dns server first.
    [Thu Oct 29 08:54:43 CET 2020] GET
    [Thu Oct 29 08:54:43 CET 2020] url='https://cloudflare-dns.com'
    [Thu Oct 29 08:54:43 CET 2020] timeout=
    [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
    [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
    [Thu Oct 29 08:54:43 CET 2020] ret='0'
    [Thu Oct 29 08:54:43 CET 2020] Use cloudflare doh server
    [Thu Oct 29 08:54:43 CET 2020] _ns_ep='https://cloudflare-dns.com/dns-query'
    [Thu Oct 29 08:54:43 CET 2020] _ns_domain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] _ns_type='TXT'
    [Thu Oct 29 08:54:43 CET 2020] GET
    [Thu Oct 29 08:54:43 CET 2020] url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.1.pf.example.pl&type=TXT'
    [Thu Oct 29 08:54:43 CET 2020] timeout=
    [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
    [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
    [Thu Oct 29 08:54:43 CET 2020] ret='0'
    [Thu Oct 29 08:54:43 CET 2020] response='{"Status":3,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"_acme-challenge.1.pf.example.pl","type":16}],"Authority":[{"name":"pf.example.pl","type":6,"TTL":3600,"data":"ns1.pf.example.pl. admin.pf.example.pl. 2020102905 7200 540 604800 3600"}]}'
    [Thu Oct 29 08:54:43 CET 2020] _answers
    [Thu Oct 29 08:54:43 CET 2020] Not valid yet, let's wait 10 seconds and check next one.
    [Thu Oct 29 08:54:43 CET 2020] _p_txtdomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:54:43 CET 2020] Cloudflare purge TXT record for domain _acme-challenge.1.pf.example.pl
    [Thu Oct 29 08:54:43 CET 2020] POST
    [Thu Oct 29 08:54:43 CET 2020] _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.1.pf.example.pl&type=TXT'
    [Thu Oct 29 08:54:43 CET 2020] body
    [Thu Oct 29 08:54:43 CET 2020] _postContentType
    [Thu Oct 29 08:54:43 CET 2020] Http already initialized.
    [Thu Oct 29 08:54:43 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g '
    [Thu Oct 29 08:54:44 CET 2020] _ret='0'
    [Thu Oct 29 08:54:44 CET 2020] response='{"msg":"Purge request queued. Please wait a few seconds and verify the request was successful."}'
    [Thu Oct 29 08:54:54 CET 2020] Let's wait 10 seconds and check again.
    

    After unsuccessful verification attempts _post_url='https://cloudflare-dns.com/api/v1/purge?domain=_acme-challenge.1.pf.example.pl&type=TXT'' the script proceeded to remove TXT entry, ended with Record ID is not numeric error.

    [Thu Oct 29 08:55:04 CET 2020] Removing DNS records.
    [Thu Oct 29 08:55:04 CET 2020] d='1.pf.example.pl'
    [Thu Oct 29 08:55:04 CET 2020] txtdomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:55:04 CET 2020] aliasDomain='_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:55:04 CET 2020] _currentRoot='dns_ispconfig'
    [Thu Oct 29 08:55:04 CET 2020] txt='GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks'
    [Thu Oct 29 08:55:04 CET 2020] d_api='/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh'
    [Thu Oct 29 08:55:04 CET 2020] dns_ispconfig_rm exists=0
    [Thu Oct 29 08:55:04 CET 2020] Removing txt: GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks for domain: _acme-challenge.1.pf.example.pl
    [Thu Oct 29 08:55:04 CET 2020] Calling: dns_ispconfig_rm() '_acme-challenge.1.pf.example.pl'
    [Thu Oct 29 08:55:04 CET 2020] OK
    [Thu Oct 29 08:55:04 CET 2020] 5:ISPC_User='API_pf.example.pl'
    [Thu Oct 29 08:55:04 CET 2020] OK
    [Thu Oct 29 08:55:04 CET 2020] 6:ISPC_Password='123123123'
    [Thu Oct 29 08:55:04 CET 2020] OK
    [Thu Oct 29 08:55:04 CET 2020] 7:ISPC_Api='https://isp2.example.pl:8080/remote/json.php'
    [Thu Oct 29 08:55:04 CET 2020] OK
    [Thu Oct 29 08:55:04 CET 2020] 8:ISPC_Api_Insecure='1'
    [Thu Oct 29 08:55:04 CET 2020] Getting Session ID
    [Thu Oct 29 08:55:04 CET 2020] POST
    [Thu Oct 29 08:55:04 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?login'
    [Thu Oct 29 08:55:04 CET 2020] body='{"username":"API_pf.example.pl","password":"A9gvU$2Q55LeGb","client_login":false}'
    [Thu Oct 29 08:55:04 CET 2020] _postContentType
    [Thu Oct 29 08:55:04 CET 2020] Http already initialized.
    [Thu Oct 29 08:55:04 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
    [Thu Oct 29 08:55:04 CET 2020] _ret='0'
    [Thu Oct 29 08:55:04 CET 2020] Calling _ISPC_login: '{"username":"API_pf.example.pl","password":"123123123","client_login":false}' 'https://isp2.example.pl:8080/remote/json.php?login'
    [Thu Oct 29 08:55:04 CET 2020] Result of _ISPC_login: '{"code":"ok","message":"","response":"fa7647c0a7e5a3679ee108777140ebe9"}'
    [Thu Oct 29 08:55:04 CET 2020] Retrieved Session ID.
    [Thu Oct 29 08:55:04 CET 2020] Session ID: 'fa7647c0a7e5a3679ee108777140ebe9'
    [Thu Oct 29 08:55:04 CET 2020] POST
    [Thu Oct 29 08:55:04 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?dns_txt_get'
    [Thu Oct 29 08:55:04 CET 2020] body='{"session_id":"fa7647c0a7e5a3679ee108777140ebe9","primary_id":{"name":"_acme-challenge.1.pf.example.pl.","type":"TXT"}}'
    [Thu Oct 29 08:55:04 CET 2020] _postContentType
    [Thu Oct 29 08:55:04 CET 2020] Http already initialized.
    [Thu Oct 29 08:55:04 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
    [Thu Oct 29 08:55:04 CET 2020] _ret='0'
    [Thu Oct 29 08:55:04 CET 2020] Calling _ISPC_rmTxt: '{"session_id":"fa7647c0a7e5a3679ee108777140ebe9","primary_id":{"name":"_acme-challenge.1.pf.example.pl.","type":"TXT"}}' 'https://isp2.example.pl:8080/remote/json.php?dns_txt_get'
    [Thu Oct 29 08:55:04 CET 2020] Result of _ISPC_rmTxt: '{"code":"ok","message":"","response":[]}'
    [Thu Oct 29 08:55:04 CET 2020] Record ID: ''
    [Thu Oct 29 08:55:04 CET 2020] Record ID is not numeric.
    [Thu Oct 29 08:55:04 CET 2020] Error removing txt for domain:_acme-challenge.1.pf.example.pl
    

    The acme_issuecert.log where the TXT record is sent to the ISPConfig is: The txt record is added: Success. There is no such TXT entry in the DNS records on ISPConfig. Can someone verify that sometimes I have not done something wrong by correcting dns_ispconfig.sh.

    [Thu Oct 29 08:34:42 CET 2020] pf.example.pl still contains a '.' - so we can check next higher level
    [Thu Oct 29 08:34:42 CET 2020] Server ID: '1'
    [Thu Oct 29 08:34:42 CET 2020] Retrieved Server ID
    [Thu Oct 29 08:34:42 CET 2020] Zone: '3'
    [Thu Oct 29 08:34:42 CET 2020] Retrieved Zone ID
    [Thu Oct 29 08:34:42 CET 2020] SYS User ID: '1'
    [Thu Oct 29 08:34:42 CET 2020] Retrieved SYS User ID.
    [Thu Oct 29 08:34:42 CET 2020] POST
    [Thu Oct 29 08:34:42 CET 2020] _post_url='https://isp2.example.pl:8080/remote/json.php?client_get_id'
    [Thu Oct 29 08:34:42 CET 2020] body='{"session_id":"ea46b5167936f14d79e2a23a65ce2e39","sys_userid":"1"}'
    [Thu Oct 29 08:34:42 CET 2020] _postContentType
    [Thu Oct 29 08:34:42 CET 2020] Http already initialized.
    [Thu Oct 29 08:34:42 CET 2020] _CURL='curl -L --silent --dump-header /tmp/acme/1.pf.example.pl//http.header  -g  --insecure  '
    [Thu Oct 29 08:34:42 CET 2020] _ret='0'
    [Thu Oct 29 08:34:42 CET 2020] Client ID: '0'
    [Thu Oct 29 08:34:42 CET 2020] Retrieved Client ID.
    [Thu Oct 29 08:34:42 CET 2020] The txt record is added: Success.
    [Thu Oct 29 08:34:42 CET 2020] 1.pf.example.pl,_acme-challenge.1.pf.example.pl,,dns_ispconfig,GTUNWY32cuKrnrB5e8CmDoZrk41WXOn-MRfR2Zmp8ks,/usr/local/pkg/acme/dnsapi/dns_ispconfig.sh
    
    

  • @MarcinSempek said in ACME 0.6.9_1 DNS ISPConfig Record ID: 'false}':

    Can someone verify

    That some one should actually use acme.sh AND the "ISPConfig API".
    Even the thread at github => acme doesn't show many people with the issue.
    Still, try posting there to revive the subject.