My domain is: speag.com (was trying for test69.osparc.speag.com)
My web server is (include version): traefik V2
The operating system my web server runs on is (include version):
Ubuntu 20
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
Hello,
I am using traefik in a docker swarm. I need to generate certificates in a Domain which is handled by my company DNS's server, with bind9.
When I do it in the staging environment, I have absolutely no problems and get the certificate in 2 mns. But, when I try to obtain it with the production env, it fails almost every time. It fails when with the second server verification..here are the messages I have :
Unable to obtain ACME certificate for domains "test69.osparc.speag.com": unable to generate a certificate for the domains [test69.osparc.speag.com]: error: one or more domains had a problem:\n[test69.osparc.speag.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: During secondary validation: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.test69.osparc.speag.com - check that a DNS record exists for this domain, url: \n" providerName=myresolver.acme routerName=api@docker rule="Host(
test69.osparc.speag.com) && (PathPrefix(/dashboard) || PathPrefix(/api))"
time="2020-09-15T20:21:06Z
and
During secondary validation: DNS problem: networking error looking up CAA for test69.osparc.speag.com
There is currently no CAA for this domain. I will add one to see if it changes something but logically it shouldn't be that.
I asked traeffik to wait three hours to have some DNS propagation before checking. And still the same message... Does someones have an idea about what is wrong ? Why some traefik's secondary server canno't check the record ?
Also, does traefik use secondary servers for a renewal of the certificate ? Because it seems that this is working quite well..
