DNS TXT - how to set DNS for subdomain (3rd level) wildcard?


#1

Setting up DNS records for wildcard sertificate.
Wildcard domain is subdomain: in.site.com
need to have 4nd level subdomains covering: *.in.site.com
DNS is common for all site site.com
TXT DNS settings is set like this:
2018-12-24_14-02-35
it was set more than 24hrs ago and it’s doesn’t work :frowning:
(SOA ttl = 1h)
So, I need wildcard sertificate for subdomain, but I don’t have special DNS for this subdomain, what to do?


#2

That looks like it’s probably correct.

What’s your domain?


#3

mnordhoff, *.in.gallerix.ru


#4

The two TXT records work for me:

_acme-challenge.in.gallerix.ru. 3600 IN TXT     "9u1uni2c8pp7owp5xqszs5lrn2asp3srsl6exfzxvjw"
_acme-challenge.in.gallerix.ru. 3600 IN TXT     "f5hhbvzh-eigjo_lqjckiiuysj_upfvskp9ki5ykr2u"

#5

I use Let’sEncrypt plugin for ISP manager, it send me notifications “add TXT to continue”.
What service do you use for dns lookup?
I can see A record only
https://mxtoolbox.com/SuperTool.aspx?action=a%3Ain.gallerix.ru&run=toolpage
https://screenshots.firefox.com/yVh2QfzbxnldLFjB/www.ultratools.com


#6

I used the command line tool dig.

You can use MX Toolbox, but you have to change the name to _acme-challenge.in.gallerix.ru and change the type to TXT.


#7

So it looks like plugin problem


#8

Does ISPConfig have a button to continue?


#9

No, it was pending operation awaiting DNS records and finished with error.


#10

What was the error?

.


#11

Empty message instead error description, ISPmanager don’t know this error.
Trying to find anything in logs.

syslog:
Dec 24 14:41:05 gallerix named[734]: zone gallerix.ru/IN:gallerix.ru’ found SPF/TXT record but no SPF/SPF record found, add matching type SPF record


#12

Dec 24 14:41:04 [601:31234] core_module e[1;36mEXTINFO Internal [letsencrypt][dim] 'args=&func=check.domaintxt&name=value&value=3U5MwDeuZEMP3CrkmwpdjJBPBd65vtwI6OC9vTeMT8M’e[0m
Dec 24 14:41:04 [601:31234] core_decoration e[1;36mEXTINFO New value value = '3U5MwDeuZEMP3CrkmwpdjJBPBd65vtwI6OC9vTeMT8M’e[0m
Dec 24 14:41:04 [601:31234] proc e[1;36mEXTINFO Run ‘/usr/sbin/named-checkzone gallerix.ru. /etc/bind/gallerix.ru’ pid 7976e[0m
Dec 24 14:41:04 [601:31234] proc e[1;36mEXTINFO Process 7976 finished with status 0e[0m
Dec 24 14:41:04 [601:31234] proc e[1;36mEXTINFO Run ‘/usr/sbin/named-checkzone gallerix.ru. /etc/bind/gallerix.ru’ pid 7977e[0m
Dec 24 14:41:04 [601:31234] proc e[1;36mEXTINFO Process 7977 finished with status 0e[0m
Dec 24 14:41:04 [601:31234] dns e[1;36mEXTINFO Update command ignorede[0m


#13

Dec 24 14:47:02 [601:31269] proc 1;36mEXTINFO Run ‘/bin/sh -c dig\ _acme-challenge.in.gallerix.ru.\ TXT\ 8.8.8.8\ 8.8.4.4\ 77.88.8.8\ 77.88.8.1\ 1.1.1.1\ +noall\ +answer’ pid 22008 0m
Dec 24 14:47:02 [601:31269] proc 1;36mEXTINFO Process 22008 finished with status 0 0m


closed #14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.