DNS validation method

Hi,
I have an domain klaudom1.ddns.net by No-IP, generating certificate on rp4 running dietpi was no problem so far.
I have changed my system by using OpenMediaVault and by setting up a nextcloud stack i used a compose file where i wanted to change the validation required by the installed swag container. The data i provided in the file looks like this:

   -URL=klaudom1.ddns.net
  - SUBDOMAINS=wildcard
  - VALIDATION=No-IP
  - DDNS=<DDNS Key generated at my account of No-IP>
  - EMAIL=<my registered email at No-IP>

However using this setting i receive an error. I think this syntax is incorrect. What is the correct way to do that?
Thank you!

1 Like

Great! Let me look in my crystal ball and find out what the error you got actually was!


When you opened this thread in the Help section, you should have been provided with a questionnaire. Maybe you didn't get it somehow (which is weird), or you've decided to delete it. In any case, all the answers to this questionnaire are required:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):


Also, I have no idea what the following means:

Maybe you can elaborate more about this "Swag container" and how that "data [you] provided" actually fits in?

The volunteers in this Community are not omniscient and are usually working with more common ACME clients such as Certbot or acme.sh. Swag already is a rather fringe setup here, so we really require more elaborate input from your side.

Also also: why do you want to change to the dns-01 challenge to begin with? What's wrong with the perfectly fine certificate issued yesterday, presumably using the http-01 challenge?

2 Likes

I am so sorry.
My domain is klaudom1.ddns.net
It is a self-hosted Raspberry Pi 4 with dietpi OS running nginx as webserver. I wanted to install a nextcloud for self hosting by installing it into a docker container in OpenMediaVault environment. To do so i created a docker-compose.yml from a sample file that had a part to install a swag container. That part of the file asked for the domain validation (i suppose this the DDNS validation). The original file based on duckdns and so i created a domain too there for testing. The testing domain worked fine creating a certificate. However i would like to stay with my original domain of klaudom. ddns. net by No-IP. There i have created a DDNS key. I tried to use this for validation like instead of
DUCKDNSTOCKEN
using
DDNS and provide the Key created. However that gives an error saying no cert available for this domain. That is why i think i have a syntax error.

Yeah, I'm gonna leave this thread for any volunteer who can make sense of this :slight_smile:

2 Likes

Maybe this help to understand my problem:
How to use the DDNS key generated for No-IP domains?

I'm not even sure if it's possible to add a TXT RR using No-IPs DDNS API. Or add a TXT RR even without the DDNS API. I can't find it in the No-IP configuration panel anyway, even though they claim it somehow should be possible. Maybe for paying customers?

1 Like

So could it be that the syntax i need for the compose.yml file for the docker should have
TXTRR as a line for DDNS key?

No. I have no clue how you got to that very incorrect conclusion.

1 Like

As duckdns uses tockens for validation, i came to the conclusion that no-ip uses Key for validation and the only thing i miss is the correct syntax. Anyway thank you so much, i will skip that try to use the no-ip domain.

Do I understand well that your ACME client is swag? Or, the swag is something else, then what is your ACME client?

4 Likes

I am not an computer expert so i guess yes. SWAG is to control certbot in the docker container of nextcloud

If that thing called "Swag" is using Certbot under the hood, I'm not sure if you can interface with No-IP to begin with. While there is a DuckDNS DNS plugin for Certbot, I'm not familiar with a DNS plugin for No-IP for Certbot.

So it might be that what you want isn't even possible.

1 Like

Thank you very much really, i do not want steal your time. I do understand it. So i will keep the system domain at the duckdns since that works.

1 Like