Can't generate subdomain certificates

Question

Can't generate subdomain certificates

Closed this issue 4 years ago · 1 comments

michael-caraccio-colorix commented 4 years ago

Generate Domain certificates seems to work, but not for a specific subdomain. It used to work, but not anymore.

Command

sudo -E /usr/local/bin/certbot certonly \
       --dry-run \
       --authenticator dns-infomaniak \
       --server https://acme-v02.api.letsencrypt.org/directory \
       --dns-infomaniak-propagation-seconds 120 \
       --agree-tos \
       --debug \
       --verbose \
       --non-interactive \
       --renew-with-new-domains \
       --keep-until-expiring \
       --email info@domain.com \
       --rsa-key-size 4096 \
       -d test.domain.com

Output

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-infomaniak, Installer None
Simulating a certificate request for test.domain.com
Performing the following challenges:
dns-01 challenge for test.domain.com
Waiting 120 seconds for DNS changes to propagate
Waiting for verification...
Challenge failed for domain test.domain.com
dns-01 challenge for test.domain.com

Certbot failed to authenticate some domains (authenticator: dns-infomaniak). The Certificate Authority reported these problems:
  Domain: test.domain.com
  Type:   dns
  Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.test.domain.com - check that a DNS record exists for this domain

Reason

Certbot is looking for _acme-challenge.test.domain.com (with subdomain) TXT but the dns-infomaniak
plugin wrote _acme-challenge.domain.com (missing subdomain in url) TXT instead.

I think the problem come from the source = source.split(".")[0] in file dns_infomaniak.py

Answer 1 · 2021-06-24T20:03:10.000Z

This is the new release: https://github.com/Infomaniak/certbot-dns-infomaniak/releases/tag/0.1.13