ACME using dynv6
does anybody know how to solve the challenge using the dynv6.com DDNS provider?
In the current ACME-package (acmesh-official on github) there exists a dns_dynv6.sh file that should support that provider. But copying that file to the acme/dnsapi doesn't seem to be enough to get it running in the acme package of pfsense.
Anybody knowing a solution? When will the next ACME-package for pfSense be released which includes that support?
Any infos are very welcome!
Thanks very much!
@linef After a bit more digging into the code I resolved the problem. Can now use dynv6.
What else did you need to do as I'm about to enable dynv6 too?
as said, I had to copy the dns_dynv6.sh script into the directory /usr/local/pkg/acme/dnsapi.
Additionally I had to add the following code part to the acme.inc file located one stage above:
$acme_domain_validation_method['dns_dynv6'] = array(
'name' => "DNS-dynv6",
'fields' => array(
'DYNV6_TOKEN' => array('name' => "dynv6_token",
'columnheader' => "API Token",
'type' => "textbox",
'description' => "dynv6 API Token (Look
in dynv6 account settings - HTTP Tokens)" ) ));
I inserted it at about line 657 where all the other dyndns packages are defined.
Sorry, meant to post back that it all seemed to work using the nsupdate rfc option in the dropdown after I checked.
So I didn't end up having to make any changes to pfsense at all
@brtech didn't understand - where do you run "nsupdate rfc"?
It's in the dropdown for method: "DNS-NSupdate / RFC 2136"
@brtech ah, ok, I understand - you are manually entering the required parameters in that method. I didn't realize that this would also have been possible...
Yes, works really well using the various key parameters from dynv6, only issue is that the certbot hooks I was previously using used _acme_challenge.mydomain.dynv6.net for one domain and _acme_challenge_domaina.mydomain.dynv6.net etc for my other domains.
I need to grep the code and see if there is a way of influencing the record being written.
If I was using different domains then I'd be fine.