starred/dehydrated
1
0
Fork 0
mirror of https://github.com/dehydrated-io/dehydrated.git synced 2026-01-13 15:13:33 +01:00
Code Issues 79 Packages Projects Releases 10 Wiki Activity

Issue with two domains (master.tld *.master.tld) on same TXT record #472

New Issue
Closed
opened 2025-12-29 01:25:53 +01:00 by adam · 1 comment
adam commented 2025-12-29 01:25:53 +01:00
Owner
Copy Link

Originally created by @toblery on GitHub (Apr 20, 2020).

Hi

I have one domain and I would create one certificate with master domain (without hostname part) and asterisk domain. I am also using a web hook to create DNS entries but when challenge/responses are being set, it's done one at a time.
First it creates challenge for _acme-challenge.master.tld for master.tld
Second it creates challenge for _acme-challenge.master.tld for *.master.tld
So it overwrites first created TXT record and then goes to Letsencrypt verification process which sees only second challenge.

Is it a bug on my own hook script not to delete first TXT record or is it working as intended?
Does Letsencrypt understand if there are two TXT records for _acme-challenge host?

Regards, Henri

Originally created by @toblery on GitHub (Apr 20, 2020). Hi I have one domain and I would create one certificate with master domain (without hostname part) and asterisk domain. I am also using a web hook to create DNS entries but when challenge/responses are being set, it's done one at a time. First it creates challenge for _acme-challenge.master.tld for master.tld Second it creates challenge for _acme-challenge.master.tld for *.master.tld So it overwrites first created TXT record and then goes to Letsencrypt verification process which sees only second challenge. Is it a bug on my own hook script not to delete first TXT record or is it working as intended? Does Letsencrypt understand if there are two TXT records for _acme-challenge host? Regards, Henri
adam closed this issue 2025-12-29 01:25:53 +01:00
adam commented 2025-12-29 01:25:53 +01:00
Author
Owner
Copy Link

@lukas2511 commented on GitHub (Apr 20, 2020):

Please see https://github.com/dehydrated-io/dehydrated/blob/master/docs/troubleshooting.md#dns-invalid-challenge-since-dehydrated-060--why-are-dns-challenges-deployed-first-and-verified-later

Both TXT records should be deployed at the same time.

@lukas2511 commented on GitHub (Apr 20, 2020): Please see https://github.com/dehydrated-io/dehydrated/blob/master/docs/troubleshooting.md#dns-invalid-challenge-since-dehydrated-060--why-are-dns-challenges-deployed-first-and-verified-later Both TXT records should be deployed at the same time.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Complicated
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
 suggestions wanted
testing
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
adam
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/dehydrated#472
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?