I have Dyn DNS setup from my router to update a record with my home IP address, and that's working fine, but requires me to have port 80 open for Let's Encrypt renewal. I am now trying to get it to verify my domain with rfc2136 (which also allows for a wildcard cert). I have everything setup, and this is my ini file:
But this is not working. (I've tried both dynamic and api.cp hosts, as well as the IP). What would a working rfc2136 ini file look like for ZoneEdit?
I can provide some of the letsencrypt logs, but so far aside from this, they have not been very useful. Here's the most relevant part I could find:
And I tried using:
https://dynamic.zoneedit.com/txt-create.php?host=test.<mydomain>.com&rdata=ThisIsTheData
which works fine. However when I tried:
https://64.68.203.17/txt-create.php?host=test.<mydomain>.com&rdata=ThisIsTheData
I get:
Class file for server "64.68.203.17" does not exist
So is this something you need to fix on your end to allow access via IP instead of hostname? Or am I doing something wrong?
Perl:
# Instructions: https://github.com/certbot/certbot/blob/master/certbot-dns-rfc2136/certbot_dns_rfc2136/__init__.py#L20
# Replace with your values
# Target DNS server
dns_rfc2136_server = dynamic.zoneedit.com #api.cp.zoneedit.com #64.68.203.17
# TSIG key name
dns_rfc2136_name = <zoneedit username>
# TSIG key secret
dns_rfc2136_secret = <Dyn Auth token>
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA512
But this is not working. (I've tried both dynamic and api.cp hosts, as well as the IP). What would a working rfc2136 ini file look like for ZoneEdit?
I can provide some of the letsencrypt logs, but so far aside from this, they have not been very useful. Here's the most relevant part I could find:
Looking at the documentation (https://github.com/certbot/certbot/...~:text=(IPv4 or IPv6 address, not a hostname)), it states that it needs to be an IP address, not hostname.2023-03-17 11:20:52,768:INFO:certbot._internal.auth_handler: Performing the following challenges:
2023-03-17 11:20:52,768:INFO:certbot._internal.auth_handler:dns-01 challenge for <mydomain>.com
2023-03-17 11:20:52,769:INFO:certbot._internal.auth_handler:dns-01 challenge for <mydomain>.com
2023-03-17 11:20:52,806: DEBUG:certbot_dns_rfc2136._internal.dns_rfc2136:TCP query failed, fallback to UDP: [Errno 111] Connection refused
And I tried using:
https://dynamic.zoneedit.com/txt-create.php?host=test.<mydomain>.com&rdata=ThisIsTheData
which works fine. However when I tried:
https://64.68.203.17/txt-create.php?host=test.<mydomain>.com&rdata=ThisIsTheData
I get:
Class file for server "64.68.203.17" does not exist
So is this something you need to fix on your end to allow access via IP instead of hostname? Or am I doing something wrong?