Comments (4)
ldez
commented on September 13, 2024
1
To explain why lego does SOA calls: the goal is to find the right place to create the TXT records, a user can have domains on several zones, so the automatic detection (through SOA calls) allows to handle that.
Without this detection, only one zone will be handled and should be provided by the user, in the majority of cases this will lead to a failure of the DNS challenge because it will be impossible to create TXT records.
from lego.
ldez
commented on September 13, 2024
Hello,
your problem is related to your DNS configuration, I never use OPNsense or Unbound so I will not be able to provide the way to configure it.
lego tries to find the zone by doing SOA calls, but as you notice, your DNS resolver doesn't answer those calls.
You should allow OPNsense/Unbound to answer those calls with the right information.
from lego.
muebau
commented on September 13, 2024
OK thank you. I will try.
from lego.
ldez
commented on September 13, 2024
I will close this issue but don't hesitate to add your solution as a comment for future OPNsense/Unbound users.
from lego.
Related Issues (20)
- Zone apex Subject alternative name not working with wildcards HOT 10
- could not determine authoritative nameservers
- Suppress "no renewal" message on renew HOT 1
- ovh: allow to use ovh.conf HOT 6
- Lego v4 digitalocean.DNSProvider does not implement acmez.Solver (certmagic) HOT 1
- zerossl RFC8738 certificate issuing for IP address not working HOT 2
- cloudflare: can't obtain certificates from LE with dns challenge HOT 4
- BlueCat cleanup fails so no cert created HOT 11
- Support for provider: nsd HOT 4
- Helmchart for lego HOT 1
- On success, print a message that contains the absolute path of the .lego directory.
- Tencent cloud cannot be successfully generated through DNS HOT 5
- Fails to obtain/renew certificate using godaddy HOT 2
- Liquidweb documentation is wrong HOT 1
- Propagation Time Limit exceeded HOT 1
- nifcloud: bug between v4.16.1 and v4.17.3 HOT 3
- Support for provider: lima-city HOT 4
- Support for provider: mijn.host HOT 3
- Allow setting wait time manually before DNS propagation is assumed complete HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lego.