You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After running fine for years I suddenly noticed the certificate for the acme dns server itself was not renewed. The Let's Encrypt renewal did not work. I was expecting acme-dns to generate the DNS-01 TXT record for itself but seems it no longer happens and therefor cert renewal or creation fails.
Any clue how to troubleshoot? Any changes on Let's Enrypt side?
Regards, Bjorn
Dec 6 17:48:06 hostname acme-dns: 1.7018848867280297e+09#011error#011acme_client#011challenge failed#011{"identifier": "a.acme-dns.mgmt.foo.com", "challenge_type": "dns-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain", "instance": "", "subproblems": []}}
Dec 6 17:48:06 hostname acme-dns: 1.701884886728101e+09#011error#011acme_client#011validating authorization#011{"identifier": "a.acme-dns.mgmt.foo.com", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/1451566716/227324075166", "attempt": 1, "max_attempts": 3}
Dec 6 17:48:06 hostname acme-dns: 1.7018848867281468e+09#011error#011obtain#011could not get certificate from issuer#011{"identifier": "a.acme-dns.mgmt.foo.com", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain"}
Dec 6 17:48:06 hostname acme-dns: 1.701884886728193e+09#011error#011obtain#011will retry#011{"error": "[a.acme-dns.mgmt.foo.com] Obtain: [a.acme-dns.mgmt.foo.com] solving challenge: a.acme-dns.mgmt.foo.com: [a.acme-dns.mgmt.foo.com] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain (ca=https://acme-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 1.527354888, "max_duration": 2592000}
The text was updated successfully, but these errors were encountered:
Hi,
After running fine for years I suddenly noticed the certificate for the acme dns server itself was not renewed. The Let's Encrypt renewal did not work. I was expecting acme-dns to generate the DNS-01 TXT record for itself but seems it no longer happens and therefor cert renewal or creation fails.
Any clue how to troubleshoot? Any changes on Let's Enrypt side?
Regards, Bjorn
Dec 6 17:48:06 hostname acme-dns: 1.7018848867280297e+09#011error#011acme_client#011challenge failed#011{"identifier": "a.acme-dns.mgmt.foo.com", "challenge_type": "dns-01", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain", "instance": "", "subproblems": []}}
Dec 6 17:48:06 hostname acme-dns: 1.701884886728101e+09#011error#011acme_client#011validating authorization#011{"identifier": "a.acme-dns.mgmt.foo.com", "problem": {"type": "urn:ietf:params:acme:error:dns", "title": "", "detail": "DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain", "instance": "", "subproblems": []}, "order": "https://acme-v02.api.letsencrypt.org/acme/order/1451566716/227324075166", "attempt": 1, "max_attempts": 3}
Dec 6 17:48:06 hostname acme-dns: 1.7018848867281468e+09#011error#011obtain#011could not get certificate from issuer#011{"identifier": "a.acme-dns.mgmt.foo.com", "issuer": "acme-v02.api.letsencrypt.org-directory", "error": "HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain"}
Dec 6 17:48:06 hostname acme-dns: 1.701884886728193e+09#011error#011obtain#011will retry#011{"error": "[a.acme-dns.mgmt.foo.com] Obtain: [a.acme-dns.mgmt.foo.com] solving challenge: a.acme-dns.mgmt.foo.com: [a.acme-dns.mgmt.foo.com] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - DNS problem: NXDOMAIN looking up TXT for _acme-challenge.a.acme-dns.mgmt.foo.com - check that a DNS record exists for this domain (ca=https://acme-v02.api.letsencrypt.org/directory)", "attempt": 1, "retrying_in": 60, "elapsed": 1.527354888, "max_duration": 2592000}
The text was updated successfully, but these errors were encountered: