-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tencentcloud: fix InvalidParameter.DomainInvalid error when using DNS challenges #1616
Conversation
A FQDN will cause problems with Tencent SDK. `InvalidParameter.DomainInvalid` will be returned. UnFQDN the domain name will do.
Hello, are you able to do: (and put the output of this command to a comment in your PR) rm -rf .lego
./lego -m [email protected] --dns tencentcloud -d *.example.com -d example.com -s https://acme-staging-v02.api.letsencrypt.org/directory run Note that the wildcard domain is important. You have to replace |
Sure! Here is the output (with my actual domain names and email censored). Output$ rm -rf .lego && ./lego -m [email protected] --dns tencentcloud -d "*.mydomain.com" -d "mydomain.com" -s "https://acme-staging-v02.api.letsencrypt.org/directory" --dns.resolvers 119.29.29.29 run
2022/04/03 23:33:31 No key found for account [email protected]. Generating a P256 key.
2022/04/03 23:33:31 Saved key to /Users/charlie/projects/temporary/lego/dist/.lego/accounts/acme-staging-v02.api.letsencrypt.org/[email protected]/keys/[email protected]
2022/04/03 23:33:32 Please review the TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
Do you accept the TOS? Y/n
Y
2022/04/03 23:33:43 [INFO] acme: Registering account for [email protected]
!!!! HEADS UP !!!!
Your account credentials have been saved in your Let's Encrypt
configuration directory at "/Users/charlie/projects/temporary/lego/dist/.lego/accounts".
You should make a secure backup of this folder now. This
configuration directory will also contain certificates and
private keys obtained from Let's Encrypt so making regular
backups of this folder is ideal.
2022/04/03 23:33:44 [INFO] [*.mydomain.com, mydomain.com] acme: Obtaining bundled SAN certificate
2022/04/03 23:33:45 [INFO] [*.mydomain.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2081686778
2022/04/03 23:33:45 [INFO] [mydomain.com] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/2081686788
2022/04/03 23:33:45 [INFO] [*.mydomain.com] acme: use dns-01 solver
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: Could not find solver for: tls-alpn-01
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: Could not find solver for: http-01
2022/04/03 23:33:45 [INFO] [mydomain.com] acme: use dns-01 solver
2022/04/03 23:33:45 [INFO] [*.mydomain.com] acme: Preparing to solve DNS-01
2022/04/03 23:33:46 [INFO] [mydomain.com] acme: Preparing to solve DNS-01
2022/04/03 23:33:47 [INFO] [*.mydomain.com] acme: Trying to solve DNS-01
2022/04/03 23:33:47 [INFO] [*.mydomain.com] acme: Checking DNS record propagation using [119.29.29.29:53]
2022/04/03 23:33:49 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2022/04/03 23:33:49 [INFO] [*.mydomain.com] acme: Waiting for DNS record propagation.
2022/04/03 23:33:58 [INFO] [*.mydomain.com] The server validated our request
2022/04/03 23:33:58 [INFO] [mydomain.com] acme: Trying to solve DNS-01
2022/04/03 23:33:58 [INFO] [mydomain.com] acme: Checking DNS record propagation using [119.29.29.29:53]
2022/04/03 23:34:00 [INFO] Wait for propagation [timeout: 1m0s, interval: 2s]
2022/04/03 23:34:08 [INFO] [mydomain.com] The server validated our request
2022/04/03 23:34:08 [INFO] [*.mydomain.com] acme: Cleaning DNS-01 challenge
2022/04/03 23:34:10 [INFO] [mydomain.com] acme: Cleaning DNS-01 challenge
2022/04/03 23:34:11 [WARN] [mydomain.com] acme: cleaning up failed: tencentcloud: list records failed: [TencentCloudSDKError] Code=ResourceNotFound.NoDataOfRecord, Message=记录列表为空。, RequestId=2e1f1ae5-565b-4d96-862b-2c421c72006b
2022/04/03 23:34:11 [INFO] [*.mydomain.com, mydomain.com] acme: Validations succeeded; requesting certificates
2022/04/03 23:34:12 [INFO] [*.mydomain.com] Server responded with a certificate. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you
In #1527, there is a comment saying he encountered InvalidParameter.DomainInvalid when using DNS challenges with Tencent Cloud DNS.
This PR fixes that.
How:
Using FQDN as
request.Domain
will cause problems with Tencent SDK andInvalidParameter.DomainInvalid
will be returned.UnFQDN the domain name will solve it.
Formatting, linters, tests, and compiling have all passed.