Acme.sh requiring manual dns entry for duckDNS

I am trying to get a wildcard cert for my domain, but acme.sh wants me to manually create the TXT records instead of doing it automatically. It should work though, since duckDNS is on the list of providers that can be automated, but it doesn't.

Docker compose:

version: '3.6'

services:
  acme:
    container_name: 'web-proxy-acme'
    image: 'neilpang/acme.sh:3.0.2'
    
    command: 'daemon'
    network_mode: host
    restart: unless-stopped
    stdin_open: true
    tty: true
    
    environment:
      - 'DuckDNS_Token'
    security_opt:
      - 'no-new-privileges:true'
    volumes:
      - 'certs:/certs'
      - 'acmesh:/acme.sh'

volumes:
  certs: {name: web-proxy-certs}
  acmesh: {name: web-proxy-acmesh}

My domain is: *.youngberg.duckdns.org

I ran this command:
--issue --domain '*.youngberg.duckdns.org' --dns

It produced this output:
It seems that you are using dns manual mode. Read this link first: https://github.com/acmesh-official/acme.sh/wiki/dns-manual-mode

My web server is: N/A

The operating system my web server runs on is: Ubuntu Server 22.04 LTS

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine:
Yes

I'm using a control panel to manage my site:
Portainer 2.11.1

The version of my client is:
neilpang/acme.sh:3.0.2

  --dns [dns_hook]                  Use dns manual mode or dns api. Defaults to manual mode when argument is omitted.
                                    See: https://github.com/acmesh-official/acme.sh/wiki/dnsapi

I think --dns duckdns should be enough.

That seemed to work, but now acme is trying http-01 instead of dns-01

$ ./acme.sh --issue --domain '*.youngberg.duckdns.org' --dns duckdns
[Sun May  1 05:26:34 PM UTC 2022] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Sun May  1 05:26:34 PM UTC 2022] Single domain='*.youngberg.duckdns.org'
[Sun May  1 05:26:34 PM UTC 2022] Getting domain auth token for each domain
[Sun May  1 05:26:35 PM UTC 2022] Getting webroot for domain='*.youngberg.duckdns.org'
[Sun May  1 05:26:35 PM UTC 2022] Error, can not get domain token entry *.youngberg.duckdns.org for http-01
[Sun May  1 05:26:35 PM UTC 2022] The supported validation types are: dns-01 , but you specified: http-01
[Sun May  1 05:26:35 PM UTC 2022] Please add '--debug' or '--log' to check more details.
[Sun May  1 05:26:35 PM UTC 2022] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh

Very strange.

 --debug [0|1|2|3]                 Output debug info. Defaults to 1 if argument is omitted.

Shouldn't it be --dns dns_duckdns? I don't have acme.sh to test with at the moment, I'm just looking at the docs.

That's weird, why doesn't it give an error if the dns hook isn't recognized?

Well, it did :) Just not a very good one. That's a question for the acme.sh GitHub.
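
An added example, not part of the thread or of acme.sh itself: a pre-flight check that rejects a bad --dns value (such as the thread's duckdns, or an omitted hook) before acme.sh is run, and confirms the DuckDNS_Token variable from the compose file is actually set. It assumes DNS API hooks are files named dns_<provider>.sh in a dnsapi directory; the function names and the directory argument are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the thread or from the acme.sh project.
# Assumption: DNS API hooks live in one directory as dns_<provider>.sh.

# check_dns_hook HOOK DNSAPI_DIR   (hypothetical helper)
#   0 = hook name is usable
#   1 = empty: --dns without a hook selects dns manual mode
#   2 = name is not of the form dns_<provider>
#   3 = no matching hook file in DNSAPI_DIR
check_dns_hook() {
  hook=$1
  dir=$2
  if [ -z "$hook" ]; then
    echo "--dns without a hook name selects dns manual mode" >&2
    return 1
  fi
  case $hook in
    */* | *..*) echo "'$hook' is not a hook name" >&2; return 2 ;;
    dns_?*) ;;
    *)
      echo "'$hook' is not of the form dns_<provider>" >&2
      if [ -f "$dir/dns_$hook.sh" ]; then
        echo "did you mean dns_$hook?" >&2
      fi
      return 2
      ;;
  esac
  if [ ! -f "$dir/$hook.sh" ]; then
    echo "no $hook.sh in $dir" >&2
    return 3
  fi
  return 0
}

# check_duckdns_token: 0 if DuckDNS_Token (the variable the compose file
# passes through from the host) is set and non-empty, else 4.
check_duckdns_token() {
  [ -n "${DuckDNS_Token:-}" ] && return 0
  echo "DuckDNS_Token is empty or unset" >&2
  return 4
}

# Usage (the dnsapi path is a placeholder, adjust to your install):
#   check_dns_hook dns_duckdns /path/to/acme.sh/dnsapi && check_duckdns_token \
#     && acme.sh --issue --domain '*.youngberg.duckdns.org' --dns dns_duckdns
```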