ACME using dynv6
-
Hello,
does anybody know how to solve the challenge using the dynv6.com DDNS provider? In the current ACME package (acmesh-official on GitHub) there exists a dns_dynv6.sh file that should support that provider. But copying that file to the acme/dnsapi directory doesn't seem to be enough to get it running in the ACME package of pfSense.
Does anybody know a solution? When will the next ACME package for pfSense be released which includes that support?
Any info is very welcome!
Thanks very much!
Martin
-
@linef After a bit more digging into the code I resolved the problem. Can now use dynv6.
Thanks
-
What else did you need to do as I'm about to enable dynv6 too?
-
@brtech
As said, I had to copy the dns_dynv6.sh script into the directory /usr/local/pkg/acme/dnsapi.
Additionally I had to add the following code part to the acme.inc file located one stage above:

    $acme_domain_validation_method['dns_dynv6'] = array(
        'name' => "DNS-dynv6",
        'fields' => array(
            'DYNV6_TOKEN' => array('name' => "dynv6_token",
                'columnheader' => "API Token",
                'type' => "textbox",
                'description' => "dynv6 API Token (Look in dynv6 account settings - HTTP Tokens)"
            )
        ));

I inserted it at about line 657 where all the other dyndns packages are defined.
-
Sorry, meant to post back that it all seemed to work using the nsupdate rfc option in the dropdown after I checked.
So I didn't end up having to make any changes to pfSense at all.
-
@brtech didn't understand - where do you run "nsupdate rfc"?
-
It's in the dropdown for method: "DNS-NSupdate / RFC 2136"
-
@brtech ah, ok, I understand - you are manually entering the required parameters in that method. I didn't realize that this would also have been possible...
-
Yes, works really well using the various key parameters from dynv6. The only issue is that the certbot hooks I was previously using used _acme_challenge.mydomain.dynv6.net for one domain and _acme_challenge_domaina.mydomain.dynv6.net etc. for my other domains.
I need to grep the code and see if there is a way of influencing the record being written.
If I was using different domains then I'd be fine.
-
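Added example, not written by any poster in this thread and not code from the ACME package: the TXT record that a DNS-01 validation through the "DNS-NSupdate / RFC 2136" method has to create, following RFC 8555, rendered as nsupdate batch input. The server name, token and thumbprint are constructed placeholders, and TSIG key handling is left to nsupdate itself.

```python
import base64
import hashlib


def b64url(data: bytes) -> str:
    """base64url without padding, the encoding ACME (RFC 8555) uses."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def challenge_record_name(identifier: str) -> str:
    """DNS-01 validates at _acme-challenge.<name>; a wildcard identifier
    (*.example.org) is validated at its base name."""
    name = identifier.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return "_acme-challenge." + name


def challenge_txt_value(token: str, account_thumbprint: str) -> str:
    """TXT value = base64url(SHA-256(token || '.' || thumbprint))."""
    key_authorization = f"{token}.{account_thumbprint}"
    return b64url(hashlib.sha256(key_authorization.encode("ascii")).digest())


def nsupdate_batch(server, zone, identifier, txt_value, ttl=60):
    """Build the RFC 2136 dynamic update as nsupdate batch input."""
    zone = zone.lower().rstrip(".")
    record = challenge_record_name(identifier)
    # Refuse to write outside the zone the update key is meant for.
    if not record.endswith("." + zone):
        raise ValueError(f"{record} is outside zone {zone}")
    return "\n".join([
        f"server {server}",
        f"zone {zone}.",
        f'update add {record}. {ttl} IN TXT "{txt_value}"',
        "send",
    ]) + "\n"


if __name__ == "__main__":
    # Constructed sample values; a real token and thumbprint come from the CA
    # and from the ACME account key.
    value = challenge_txt_value("constructed-token", "constructed-thumbprint")
    print(nsupdate_batch("ns.example.net", "mydomain.dynv6.net",
                         "*.domaina.mydomain.dynv6.net", value), end="")
```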