Hi
After some searching I found that the only supported acme dns authenticators are cloudflare and aws route53. I'm currently using OVH as my DNS provider so I figured I'd try the "shell" type authenticator in the UI.
I installed acme.sh and followed the directives for OVH and ended up putting this in my shell script:
/root/.acme.sh/acme.sh --issue -d "my.domain" -d "*.my.domain" --dns dns_ovh --server letsencrypt
Which works well when running it manually (with proper api auth for ovh) and creates the certificates in /root/.acme.sh/my.domain. I then created an acme dns authenticator with the "shell" type pointing to this script, and created it successfully. I then created a certificate signing request that uses my authenticator, which worked, but when actually creating the ACME certificate, I'm getting a DNS error (which doesn't happen when running my authenticator script manually):
Code:
Error information:
- Type: urn:ietf:params:acme:error:dns
- Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.my.domain - check that a DNS record exists for this domain
Authorization for identifier Identifier(typ=IdentifierType(dns), value='my.domain') failed.
Here are the challenges that were not fulfilled:
Challenge Type: dns-01
Error information:
- Type: urn:ietf:params:acme:error:dns
- Details: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.my.domain - check that a DNS record exists for this domain
I didn't find any mention of the "shell" option in the documentation, so I'm not sure if I'm missing something, or if using acme.sh in the script is actually the right way of doing it?
I found a 2y old post that seems to do every step manually with the freenas api, but I figure that it's a bit old and should somehow be "replaced" with the "shell" option.
Thanks