Hi, I am trying to get a certificate for minidebconf.curitiba.br which was registered 3 days ago. Not sure if that is relevant, but the curitiba.br TLD was also only made available for registration 3 days ago. I am using dehydrated as client.
The response I get is:
# INFO: Using main config file /etc/dehydrated/config
Processing minidebconf.curitiba.br
+ Signing domains...
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for minidebconf.curitiba.br...
+ Responding to challenge for minidebconf.curitiba.br...
# !! WARNING !! Extra configuration directory /etc/dehydrated/conf.d exists, but no configuration found in it.
ERROR: Challenge is invalid! (returned: invalid) (result: {
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unknownHost",
"detail": "No valid IP addresses found for minidebconf.curitiba.br",
"status": 400
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/9fKqyy6JfzA3F1wJ3w2KWUsKIMFwsdnA8OKhY-eyZRk/2459918393",
"token": "N6bPl2yUcCo9LWFcQdXT2xHJy_55uPWc1HaD3Rls3FM",
"keyAuthorization": "N6bPl2yUcCo9LWFcQdXT2xHJy_55uPWc1HaD3Rls3FM.s-QUxdkD7XSz17uAvOtCZ6qDYRk3tfDJqjOClZLkYMM",
"validationRecord": [
{
"url": "http://minidebconf.curitiba.br/.well-known/acme-challenge/N6bPl2yUcCo9LWFcQdXT2xHJy_55uPWc1HaD3Rls3FM",
"hostname": "minidebconf.curitiba.br",
"port": "80",
"addressesResolved": [],
"addressUsed": "",
"addressesTried": []
}
]
})
I have tried resolving the name from various servers that I have access to, across the planet, and seems to be fine. What else can I try?
Hi, thanks for the quick reply! Indeed the DNS servers seem to be broken with regards to respecting the 0x20 bits in the letters of the domain name. we replaced the DNS servers and now it seems to work.