Switching to the production version of Let's Encrypt and waiting longer for DNS propagation seems to fix the issue with Let's Encrypt certificate generation.
Setting the ACME challenges is not an issue - but recently these challenges no longer complete for me:
[*.dataweeder.cloud] The server validated our request"
[dataweeder.cloud] acme: Trying to solve DNS-01"
[dataweeder.cloud] acme: Checking DNS record propagation using [1.1.1.1:53 1.0.0.1:53]"
Wait for propagation [timeout: 2m0s, interval: 2s]"
Delaying 90000000000 rather than validating DNS propagation now." providerName=dns-cloudflare.acme
and am stuck until this times out.
What do you mean by DNS A issues? The 127.0.0.1 (for this particular domain) is deliberate to serve nice SSL certs for local development.
Yes - this is why I am using Cloudflare's DNS servers. And as also written above - this worked well some weeks ago and seems to fail now by not completing the challenge.
Looks like the process isn't cleaning up after itself:
nslookup -q=txt _acme-challenge.dataweeder.cloud. max.ns.cloudflare.com
Server: max.ns.cloudflare.com
Address: 173.245.59.132
_acme-challenge.dataweeder.cloud text = "1ErmhKTTqTQrZbfWNW9_9eOhfFkZsDcmzH2B92Hyf9Y"
_acme-challenge.dataweeder.cloud text = "9v14vg7i8AubNcDv9HRRiJolC3jncUB0zyOoJCub0Ew"
_acme-challenge.dataweeder.cloud text = "N9aMUzp1Oo3HME1gJylQ8wPHrAtQtg9WvrhZxiydRZU"
_acme-challenge.dataweeder.cloud text = "TsCGnK9-9yQcqIuxypGY6neQsCfUC1ZDPfLQgbsySCM"
_acme-challenge.dataweeder.cloud text = "WrJsFZJfHG_-zpWbds7RHpLTsDTXBrvFom4_PMz93hU"
_acme-challenge.dataweeder.cloud text = "jZ17VlvsHagFA6X-izO0LreGRhI8HvjlpcBrmKxfzkA"
_acme-challenge.dataweeder.cloud text = "oSkHBhh2_fiFpawKitIM0zwL6aBjgTw6c3B3Ucshjv8"
_acme-challenge.dataweeder.cloud text = "ymSSkww3HngJ0aFViPNwchZmb4SJ5HR58cxzxrYF-Wg"
You might want to remove all those before continuing [your tests].
Have you tried increasing the timeouts beyond 2m0s?
I ran across an FAQ for Cloudflare that hinted that 5m is a tolerable limit. I am not a Cloudflare expert but worth checking if that resolves it. Could check with Cloudflare support or on their forums for an official response.
And, unless you are doing a high volume of certs, a 2s retry seems unnecessarily short.
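The leftover-record check from the nslookup reply above can be scripted. This is an added example, not code from the thread or from any ACME client: it parses `nslookup -q=txt` output per authoritative server, reports which servers still lack the values the current order needs, and lists the stale TXT strings to delete. The names, tokens, thumbprint and leftover values are constructed; the TXT value formula is the one in RFC 8555 section 8.4.

```python
import base64
import hashlib
import re

TXT_LINE = re.compile(r'^(\S+?)\.?\s+text\s*=\s*"([^"]*)"$')

def dns01_txt_value(token, thumbprint):
    """RFC 8555 8.4: unpadded base64url of SHA-256(token + "." + thumbprint)."""
    digest = hashlib.sha256(f"{token}.{thumbprint}".encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def parse_txt(output, name):
    """Extract TXT strings for `name` from nslookup -q=txt output."""
    wanted = name.rstrip(".").lower()
    found = []
    for line in output.splitlines():
        m = TXT_LINE.match(line.strip())
        if m and m.group(1).lower() == wanted:
            found.append(m.group(2))
    return found

def audit(outputs_by_server, name, expected):
    """Compare what each authoritative server returns against the values
    the current order needs (two for an apex + wildcard certificate)."""
    lagging, stale = [], set()
    for server, output in outputs_by_server.items():
        values = set(parse_txt(output, name))
        if not expected <= values:      # a needed value is not visible here yet
            lagging.append(server)
        stale |= values - expected      # anything else is left over from old runs
    return {"propagated": not lagging, "lagging": sorted(lagging), "stale": sorted(stale)}

# Constructed sample: tokens, thumbprint, names and leftover values are made up.
NAME = "_acme-challenge.example.test"
THUMBPRINT = "constructed-account-thumbprint"
EXPECTED = {dns01_txt_value("token-apex", THUMBPRINT),
            dns01_txt_value("token-wildcard", THUMBPRINT)}

def sample_output(values):
    header = "Server:\t\tns1.example.test\nAddress:\t192.0.2.53#53\n\n"
    return header + "".join(f'{NAME}\ttext = "{v}"\n' for v in values)

SAMPLE = {
    "ns1.example.test": sample_output(sorted(EXPECTED) + ["leftover-from-old-run-1"]),
    "ns2.example.test": sample_output(sorted(EXPECTED)[:1] + ["leftover-from-old-run-2"]),
}

if __name__ == "__main__":
    print(audit(SAMPLE, NAME, EXPECTED))
```

A non-empty `stale` list is the situation shown in the nslookup output above; a non-empty `lagging` list means the propagation wait has not finished on that server.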