DNS Resolution Issues


#1

When the challenges try to verify my website it seems to resolve to the wrong ip address.

I’ve recently (after I applied for the beta) changed my dns provider to a new one and that should be the issue but does Let’s Encrypt’s dns mechanism update frequently or are the whitelisted domains’ ip addresses hardcoded into the challenges on the preview server?


#2

HI, without knowing the domain nobody can help you.
Because there is no way to check the TTL.
Maybe you used an to log ttlin your DNS-Records?


#3

It seems that my problem was the notorious mime type issue instead of DNS issues. I managed to fix it with a simple location rule in nginx. Thanks for the reply though :smile:


#4

well reading the github they take away the content type.


#5

It’s gone in the current spec, but there was no consensus, see mailing list. And updates in Boulder will take some time anyway.


#6

well I hope it will stay away because the fact that the type can change easily without actually saying anything about the actual content doesnt change.


#7

It’s mainly to avoid file drops to be able to issue certificates easily.


#8

but that’s why we have the special path and usually a “file drop” (I think you mean somezthing like a pastebin but for files, if not correct me) they either dont give you a hotlink so easily or use their own paths.


#9

Usually, but there may be hosts allowing uploads to arbitrary locations.


#10

wait what? lol, never heard about that. all of those filehosters I know always had a special link and you usually had an intermediate page if you werent a premium user (and the LE server certainly doesnt act as premium user for any file hoster) you always had to wait or similar stuff.


#11

Waiting is not a problem, challenges are valid for one week until they expire. It’s questionable if that period should be really that long.


#12

ah so that explains the pending stats https://letsencrypt.org/stats/ :slight_smile:


#13

Some pending ones are also from me while developing my client. :stuck_out_tongue_winking_eye:


#14

ah yes i contributed those pending too heh