[Pdns-users] Powerdns with letsencrypt challenge

Peter van Dijk peter.van.dijk at powerdns.com
Wed Jun 9 10:02:58 UTC 2021


Hello,

On Wed, 2021-06-09 at 02:06 +0200, Cheikh Dieng via Pdns-users wrote:
> Hi,
> 
> I am trying to generate a certificate via letsencrypt; to do that I need to record the following entry in my pdns server for the letsencrypt challenge:
> _acme-challenge.cloud.lfpw.dsna.fr. 300 IN TXT "gfj9Xq...Rg85nM"
> I'm using an ldapbackend with pdns in container mode.
> 
> How can I make this kind of input in the DNS server?
> 
> 1- When I try via the pdnsutil tool, I receive this error message:
> podman exec pdns pdnsutil add-record   cloud.lfpw.dsna.fr  _acme-challenge   TXT '" gfj9Xq...Rg85nM  "'

add-record is not supported for the LDAP backend, sorry.

> 2- I try to do the record via my ldapserver with an ldif file
> 
> This record is KO:
> dn: dc=_acme-challenge,dc=cloud,dc=lfpw,dc=dsna,dc=fr
> objectclass: top
> objectclass: dnsdomain
> objectclass: dNSDomain2
> objectclass: domainrelatedobject
> dc: _acme-challenge
> TXTRecord: "bzEja8EGD3dloAObjOgE2ZCNwPO4SUOrK3kmaVmJdMA"
> associateddomain: _acme-challenge.cloud.lfpw.dsna.fr.

Indeed, this is wrong.

> This record is OK:
> dn: dc=_acme-challenge,dc=cloud,dc=lfpw,dc=dsna,dc=fr
> objectclass: top
> objectclass: dnsdomain
> objectclass: dNSDomain2
> objectclass: domainrelatedobject
> dc: _acme-challenge
> TXTRecord: "bzEja8EGD3dloAObjOgE2ZCNwPO4SUOrK3kmaVmJdMA"
> associateddomain: _acme-challenge.cloud.lfpw.dsna.fr

This is good, and should work.

> The record for the challenge must be: _acme-challenge.cloud.lfpw.dsna.fr. (with . at the end)

No, there must be no dot at the end in the database.

Kind regards,
-- 
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
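
The check discussed in this message (no trailing dot on associatedDomain in the LDAP data), as an added example that is not part of the original e-mail and is not PowerDNS code. The function names are hypothetical, the sample entries are the two LDIF variants quoted in the thread, and the comparison of the DN against associatedDomain assumes the directory tree mirrors DNS names as it does in the quoted DN.

```python
# Added example (not PowerDNS code): lint LDIF entries before loading them
# into the directory that backs the PowerDNS LDAP backend.
ENTRY = """dn: dc=_acme-challenge,dc=cloud,dc=lfpw,dc=dsna,dc=fr
objectclass: top
objectclass: dnsdomain
objectclass: dNSDomain2
objectclass: domainrelatedobject
dc: _acme-challenge
TXTRecord: "bzEja8EGD3dloAObjOgE2ZCNwPO4SUOrK3kmaVmJdMA"
associateddomain: {name}
"""
# The two variants from the thread: with and without the trailing dot.
SAMPLE_LDIF = "\n".join(
    ENTRY.format(name=n) for n in ("_acme-challenge.cloud.lfpw.dsna.fr.",
                                   "_acme-challenge.cloud.lfpw.dsna.fr"))


def parse_ldif(text):
    """Parse plain LDIF (no base64 values, no folded lines) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            if line.strip() and not line.startswith("#"):
                attr, _, value = line.partition(":")
                entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries


def dn_to_name(dn):
    """Join the dc= components of a DN into a DNS name, no trailing dot."""
    rdns = (rdn.strip().split("=", 1) for rdn in dn.split(","))
    return ".".join(v.strip() for k, v in rdns if k.strip().lower() == "dc")


def lint_entry(entry):
    """Return a list of problems for one entry; empty means it looks fine."""
    dn = entry.get("dn", [""])[0]
    names = entry.get("associateddomain", [])
    problems = [] if names else ["no associatedDomain attribute"]
    for name in names:
        if name.endswith("."):
            problems.append(f"associatedDomain {name!r} has a trailing dot")
        elif name.lower() != dn_to_name(dn).lower():
            # Assumption: the tree mirrors DNS names, as in the thread's DN.
            problems.append(f"associatedDomain {name!r} does not match dn")
    return problems


if __name__ == "__main__":
    for e in parse_ldif(SAMPLE_LDIF):
        print(e["dn"][0], "->", lint_entry(e) or "ok")
```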


