I have a local boulder instance running and issuance works fine. As a next step, I added google’s testtube CT log to the va config but when a new cert is issued, I get the following error:
boulder-publisher Request failed, backing-off for 8s: Post http://ct.googleapis.com/testtube/ct/v1/add-chain: dial tcp: lookup ct.googleapis.com on 127.0.0.11:53: server misbehaving
The actual endpoint it’s trying to log to looks correct to me. I’m using 18.104.22.168 as a resolver in the va and ra configs and I am puzzled why it’s trying to use 127.0.0.11 as a DNS resolver.
Also, just to avoid questions, google’s requirements for logging to their test logs are fulfilled (the cert’s subject has test in the name and the root in the chain is acceptable to testtube).
Appreciate any ideas!