Bug #13495
closed
ACME package's "DNS-Sleep" field's help text is incorrect
100%
Description
The help text under the "DNS-Sleep" field says:
"When using a DNS validation method configure how much time to wait before attempting verification after the txt records are added. Defaults to 120 seconds."
This is incorrect. It does not match acme.sh docs: https://github.com/acmesh-official/acme.sh/wiki/dnscheck
1. pfsense is clearly not defaulting to 120. Leaving that text field empty (the default) corresponds to not passing the `--dnssleep` flag at all (which is a desirable option, and reasonable default).
2. the purpose of the field is not to "configure how much time to wait before attempting verification" but rather it's to disable verification and instead wait the specified numbers of seconds. This is useful for people like me that block access to cloudflare and google DNS.
See also: https://forum.netgate.com/topic/174720/acme-renewal-timeout-and-no-doh/4
Updated by Jim Pingle about 2 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Addressed in ACME pkg v0.7.3
Updated by Danilo Zrenjanin about 2 years ago
- Status changed from Feedback to Resolved
Tested against ACME 0.7.3.
The help text has been updated accordingly.
DNS-Sleep
When using a DNS validation method this option disables automatic DNS polling and configures a specific amount of time, in seconds, to wait before attempting verification after adding TXT records. The default behavior is to automatically poll public DNS servers for the records until they are found, rather than waiting a set amount of time.
I am marking this ticket resolved.