I add
zone “tech32.com” {
type master;
file “/etc/bind/tech32.com”;
update-policy {
grant tsigkey. name _acme-challenge.tech32.com. txt;
};
};
in internal zone and get SERFAIL error, log:
2018-08-15 16:57:46,497:INFO:certbot.auth_handler:Performing the following challenges:
2018-08-15 16:57:46,497:INFO:certbot.auth_handler:dns-01 challenge for tech32.com
2018-08-15 16:57:46,512:DEBUG:certbot_dns_rfc2136.dns_rfc2136:No authoritative SOA record found for _acme-challenge.tech32.com
2018-08-15 16:57:46,515:DEBUG:certbot_dns_rfc2136.dns_rfc2136:Received authoritative SOA response for tech32.com
2018-08-15 16:57:46,521:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 126, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py", line 57, in perform
self._perform(domain, validation_domain_name, validation)
File "/usr/lib/python2.7/site-packages/certbot_dns_rfc2136/dns_rfc2136.py", line 76, in _perform
self._get_rfc2136_client().add_txt_record(validation_name, validation, self.ttl)
File "/usr/lib/python2.7/site-packages/certbot_dns_rfc2136/dns_rfc2136.py", line 135, in add_txt_record
.format(dns.rcode.to_text(rcode)))
PluginError: Received response from server: SERVFAIL
2018-08-15 16:57:46,521:DEBUG:certbot.error_handler:Calling registered functions
2018-08-15 16:57:46,521:INFO:certbot.auth_handler:Cleaning up challenges
2018-08-15 16:57:46,526:DEBUG:certbot_dns_rfc2136.dns_rfc2136:No authoritative SOA record found for _acme-challenge.tech32.com
2018-08-15 16:57:46,528:DEBUG:certbot_dns_rfc2136.dns_rfc2136:Received authoritative SOA response for tech32.com
2018-08-15 16:57:46,531:DEBUG:certbot_dns_rfc2136.dns_rfc2136:Successfully deleted TXT record
2018-08-15 16:57:46,532:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/usr/bin/certbot", line 9, in <module>
load_entry_point('certbot==0.25.1', 'console_scripts', 'certbot')()
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1323, in main
return config.func(config, plugins)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 1213, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/usr/lib/python2.7/site-packages/certbot/main.py", line 120, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 383, in obtain_and_enroll_certificate
cert, chain, key, _ = self.obtain_certificate(domains)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 326, in obtain_certificate
orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
File "/usr/lib/python2.7/site-packages/certbot/client.py", line 362, in _get_order_and_authorizations
authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 75, in handle_authorizations
resp = self._solve_challenges(aauthzrs)
File "/usr/lib/python2.7/site-packages/certbot/auth_handler.py", line 126, in _solve_challenges
resp = self.auth.perform(all_achalls)
File "/usr/lib/python2.7/site-packages/certbot/plugins/dns_common.py", line 57, in perform
self._perform(domain, validation_domain_name, validation)
File "/usr/lib/python2.7/site-packages/certbot_dns_rfc2136/dns_rfc2136.py", line 76, in _perform
self._get_rfc2136_client().add_txt_record(validation_name, validation, self.ttl)
File "/usr/lib/python2.7/site-packages/certbot_dns_rfc2136/dns_rfc2136.py", line 135, in add_txt_record
.format(dns.rcode.to_text(rcode)))
PluginError: Received response from server: SERVFAIL