The dns challenge has a dry run that add's an unnecessary complexity to handle.
The dry run test is on different and random dns records, different to what letsencrypt require.
It would be great if the test can be done on the same (or at least on a fixed) dns row that letsencrypt required.
Would such a thing be possible to fix on your end?
Thanks
Hi,
The dns challenge has a dry run that add's an unnecessary complexity to handle.
The dry run test is on different and random dns records, different to what letsencrypt require.
It would be great if the test can be done on the same (or at least on a fixed) dns row that letsencrypt required.
Would such a thing be possible to fix on your end?
Thanks
Actually, it's important that it not be the same - otherwise you end up DNS cache poisoning yourself and the ACME challenges won't pass.
You can, however, turn the dry-run off completely.
I cleaned this all up when I created the browser port ( https://greenlock.domains/app/js/bluecrypt-acme.js ), however, I haven't ported it back to node yet (but I will, because ACME draft-18 requires some of the changes I made by November.
Actually, it's important that it *not* be the same - otherwise you end up DNS cache poisoning yourself and the ACME challenges won't pass.
You can, however, turn the dry-run off completely.
I cleaned this all up when I created the browser port ( https://greenlock.domains/app/js/bluecrypt-acme.js ), however, I haven't ported it back to node yet (but I will, because ACME draft-18 requires some of the changes I made by November.
Hi,
The dns challenge has a dry run that add's an unnecessary complexity to handle.
The dry run test is on different and random dns records, different to what letsencrypt require.
It would be great if the test can be done on the same (or at least on a fixed) dns row that letsencrypt required.
Would such a thing be possible to fix on your end?
Thanks
Actually, it's important that it not be the same - otherwise you end up DNS cache poisoning yourself and the ACME challenges won't pass.
You can, however, turn the dry-run off completely.
I cleaned this all up when I created the browser port ( https://greenlock.domains/app/js/bluecrypt-acme.js ), however, I haven't ported it back to node yet (but I will, because ACME draft-18 requires some of the changes I made by November.
Thank you for the answer.