Bug #9675: ACME package "domain alias mode" is ignored - pfSense Packages - pfSense bugtracker

Actions

Copy link

Bug #9675

closed

ACME package "domain alias mode" is ignored

Added by Jonathan Grande over 5 years ago. Updated over 5 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Jim Pingle

Category:

ACME

Target version:

Start date:

08/07/2019

Due date:

% Done:

Estimated time:

Plus Target Version:

Affected Version:

Affected Plus Version:

Affected Architecture:

Description

The domain alias mode check box seems to have no affect.

Expected result: --domain-alias added to to the acme.sh command line and TXT record created for _alias.test.example.net.
Actual result: --domain-alias is missing from the command line TXT record created for _acme-challenge._alias.uglyserver.net.

PFsense output:

/usr/local/pkg/acme/acme.sh --issue -d 'test.example.com' --challenge-alias '_alias.test.example.net' --dns 'dns_cf' --home '/tmp/acme/Testing/' --accountconf '/tmp/acme/Testing/accountconf.conf' --force --reloadCmd '/tmp/acme/Testing/reloadcmd.sh' --dnssleep '120' --log-level 3 --log '/tmp/acme/Testing/acme_issuecert.log'

Array
(
[path] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[PATH] => /etc:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin/
[CF_Key] =>
[CF_Email] => *
[CF_Token] =>
[CF_Account_ID] =>
)
[Wed Aug 7 10:38:14 MDT 2019] Registering account
[Wed Aug 7 10:38:16 MDT 2019] Registered
[Wed Aug 7 10:38:16 MDT 2019] ACCOUNT_THUMBPRINT='**'
[Wed Aug 7 10:38:16 MDT 2019] Single domain='test.example.com'
[Wed Aug 7 10:38:16 MDT 2019] Getting domain auth token for each domain
[Wed Aug 7 10:38:17 MDT 2019] Getting webroot for domain='test.example.com'
[Wed Aug 7 10:38:18 MDT 2019] Adding txt value: * for domain: _acme-challenge._alias.example.net
[Wed Aug 7 10:38:19 MDT 2019] Adding record
[Wed Aug 7 10:38:19 MDT 2019] Added, OK
[Wed Aug 7 10:38:19 MDT 2019] The txt record is added: Success.
[Wed Aug 7 10:38:19 MDT 2019] Sleep 120 seconds for the txt records to take effect
[Wed Aug 7 10:40:19 MDT 2019] Verifying: test.example.com
[Wed Aug 7 10:40:23 MDT 2019] Removing DNS records.
[Wed Aug 7 10:40:23 MDT 2019] Removing txt: * for domain: _acme-challenge._alias.example.net
[Wed Aug 7 10:40:24 MDT 2019] Removed: Success
[Wed Aug 7 10:40:23 MDT 2019] test.example.com:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.test.example.com
[Wed Aug 7 10:40:24 MDT 2019] Please check log file for more details: /tmp/acme/Testing/acme_issuecert.log

Note: DNS alias mode works fine for me, it's just the domain alias mode checkbox that doesn't work as expected.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense » pfSense Packages

Custom queries

Bug #9675

ACME package "domain alias mode" is ignored

Updated by Jim Pingle over 5 years ago

Updated by Jonathan Grande over 5 years ago

Updated by Jim Pingle over 5 years ago