[pbs-devel] [PATCH proxmox-backup v2] config: check if acme domain with wildcard uses dns challenge

Christian Ebner c.ebner at proxmox.com
Thu Sep 19 15:29:33 CEST 2024


On 9/19/24 15:07, Christian Ebner wrote:
> Just tested again, with an DNS api token which has full zone access, but 
> still get a `failed - status: Invalid` so something might still not be 
> right here. The TXT record is published with name 
> `_acme-challenge.*.domain.tld` when trying for `*.domain.tld` so that 
> should be fine?

No, it should be named `_acme-challenge.domain.tld` according to the 
article [0] linked to by [1] so that is why it does not get validated.

[0] 
https://www.eff.org/deeplinks/2018/02/technical-deep-dive-securing-automation-acme-dns-challenge-validation
[1] https://letsencrypt.org/docs/challenge-types/#dns-01-challenge




More information about the pbs-devel mailing list