Netgate Discussion Forum

    ACME auto renew failed on DNS server check

      moelharrak

      Hi all,
      I have a Let's Encrypt certificate running on my pfSense 2.6.0.
      I'm using a Cloudflare API to resolve my domain, also using Cloudflare DynDNS to resolve my dynamic public IP.
      The issue is that ACME is not able to renew the certificate; I get an error when trying to check DNS.
      ---acme_issuecert.log-----------
      [Mon Apr 11 03:17:21 +00 2022] Detect dns server first.
      [Mon Apr 11 03:17:21 +00 2022] GET
      [Mon Apr 11 03:17:21 +00 2022] url='https://cloudflare-dns.com'
      [Mon Apr 11 03:17:21 +00 2022] timeout=1
      [Mon Apr 11 03:17:21 +00 2022] Http already initialized.
      [Mon Apr 11 03:17:21 +00 2022] _CURL='curl --silent --dump-header /tmp/acme/example-net-Cert//http.header -L --connect-timeout 1'
      [Mon Apr 11 03:17:22 +00 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
      [Mon Apr 11 03:17:22 +00 2022] ret='7'
      [Mon Apr 11 03:17:22 +00 2022] GET
      [Mon Apr 11 03:17:22 +00 2022] url='https://dns.google'
      [Mon Apr 11 03:17:22 +00 2022] timeout=1
      [Mon Apr 11 03:17:22 +00 2022] Http already initialized.
      [Mon Apr 11 03:17:22 +00 2022] _CURL='curl --silent --dump-header /tmp/acme/example-net-Cert//http.header -L --connect-timeout 1'
      [Mon Apr 11 03:17:23 +00 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
      [Mon Apr 11 03:17:23 +00 2022] ret='7'
      [Mon Apr 11 03:17:23 +00 2022] GET
      [Mon Apr 11 03:17:23 +00 2022] url='https://dns.alidns.com'
      [Mon Apr 11 03:17:23 +00 2022] timeout=1
      [Mon Apr 11 03:17:23 +00 2022] Http already initialized.
      [Mon Apr 11 03:17:23 +00 2022] _CURL='curl --silent --dump-header /tmp/acme/example-net-Cert//http.header -L --connect-timeout 1'
      [Mon Apr 11 03:17:23 +00 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
      [Mon Apr 11 03:17:23 +00 2022] ret='7'
      [Mon Apr 11 03:17:23 +00 2022] GET
      [Mon Apr 11 03:17:23 +00 2022] url='https://doh.pub'
      [Mon Apr 11 03:17:23 +00 2022] timeout=1
      [Mon Apr 11 03:17:23 +00 2022] Http already initialized.
      [Mon Apr 11 03:17:23 +00 2022] _CURL='curl --silent --dump-header /tmp/acme/example-net-Cert//http.header -L --connect-timeout 1'
      [Mon Apr 11 03:17:23 +00 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
      [Mon Apr 11 03:17:23 +00 2022] ret='7'
      [Mon Apr 11 03:17:23 +00 2022] No doh
      [Mon Apr 11 03:17:23 +00 2022] _ns_ep='https://cloudflare-dns.com/dns-query'
      [Mon Apr 11 03:17:23 +00 2022] _ns_domain='_acme-challenge.portal.example.net'
      [Mon Apr 11 03:17:23 +00 2022] _ns_type='TXT'
      [Mon Apr 11 03:17:23 +00 2022] GET
      [Mon Apr 11 03:17:23 +00 2022] url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.portal.example.net&type=TXT'
      [Mon Apr 11 03:17:23 +00 2022] timeout=
      [Mon Apr 11 03:17:23 +00 2022] Http already initialized.
      [Mon Apr 11 03:17:23 +00 2022] _CURL='curl --silent --dump-header /tmp/acme/example-net-Cert//http.header -L '
      [Mon Apr 11 03:17:24 +00 2022] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
      [Mon Apr 11 03:17:24 +00 2022] ret='7'
      [Mon Apr 11 03:17:24 +00 2022] response
      [Mon Apr 11 03:17:24 +00 2022] Not valid yet, let's wait 10 seconds and check next one.

      • jimp moved this topic from General pfSense Questions
        moelharrak

        Issue resolved.
        I manually added the domains that ACME tries to resolve:
        Services > DNS Resolver > General Settings > Host Overrides

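An added example, not part of the original posts: a small Python parser that pairs each url= entry in an acme.sh debug log like the one in the first post with the ret= code that follows it, and lists the hosts whose requests failed. The sample lines are abridged from that log, with one constructed successful entry (resolver.example); the function and constant names are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Meanings from the libcurl error list that the log itself links to.
CURL_EXIT = {6: "could not resolve host", 7: "failed to connect to host",
             28: "operation timed out"}

# Matches acme.sh debug lines such as: [Mon Apr 11 ...] url='https://dns.google'
ENTRY = re.compile(r"^\s*\[[^\]]+\]\s+(url|ret)='([^']*)'")

# Abridged from the log in the first post; the last two lines are constructed
# (resolver.example is a placeholder) to show that successful requests are skipped.
SAMPLE_LOG = """\
[Mon Apr 11 03:17:21 +00 2022] url='https://cloudflare-dns.com'
[Mon Apr 11 03:17:21 +00 2022] timeout=1
[Mon Apr 11 03:17:22 +00 2022] ret='7'
[Mon Apr 11 03:17:22 +00 2022] url='https://dns.google'
[Mon Apr 11 03:17:23 +00 2022] ret='7'
[Mon Apr 11 03:17:23 +00 2022] url='https://cloudflare-dns.com/dns-query?name=_acme-challenge.portal.example.net&type=TXT'
[Mon Apr 11 03:17:24 +00 2022] ret='7'
[Mon Apr 11 03:17:25 +00 2022] url='https://resolver.example/dns-query'
[Mon Apr 11 03:17:25 +00 2022] ret='0'
"""

def failed_probes(log_text):
    """Pair each url= line with the next ret= line; return (host, code) failures."""
    failures, host = [], None
    for line in log_text.splitlines():
        match = ENTRY.match(line)
        if not match:
            continue
        key, value = match.groups()
        if key == "url":
            host = urlsplit(value).hostname
        elif host and value.isdigit():
            if int(value) != 0:
                failures.append((host, int(value)))
            host = None
    return failures

def summarize(log_text):
    """Map each failing host to the distinct curl failure reasons seen for it."""
    summary = {}
    for host, code in failed_probes(log_text):
        reason = CURL_EXIT.get(code, f"curl exit code {code}")
        if reason not in summary.setdefault(host, []):
            summary[host].append(reason)
    return summary

if __name__ == "__main__":
    for host, reasons in summarize(SAMPLE_LOG).items():
        print(f"{host}: {', '.join(reasons)}")
```

The hosts it reports are the names to check from the firewall itself, both what they resolve to and whether that address accepts connections on port 443.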