Hello,
I am currently using a PowerDNS Authoritative server in my Bitfolk VPS
alongside Bitfolk's secondary DNS servers.
At home, I also have a self-hosted NAS setup which involves the use of
Traefik alongside Docker containers.
I have been trying to generate a wildcard Let's Encrypt certificate
using ACME via the Traefik container, authenticating via RFC2136.
However, while ACME was successfully able to insert a TXT record into the
zone, it hasn't updated the Secondary DNS and reports back with the
following error:
unable to generate a certificate for the domains
[m6wiq.uk *.m6wiq.uk]: error: one or more domains had a problem:\n[*.m6wiq.uk] time limit
exceeded: last error: NS a.authns.bitfolk.co.uk. did not return the expected TXT record
[fqdn: _acme-challenge.m6wiq.uk., value:
Through my research on PowerDNS, I have ensured that SOA-EDIT-DNSUPDATE
is set to 'INCREASE' and that FORWARD-DNSUPDATE and NOTIFY-DNSUPDATE are
enabled. Is there anything else that I need to configure on PowerDNS to
ensure RFC2136 updates inform the secondary DNS servers?
Best Regards,
William
--
William Wright
Callsign: M6WIQ
Mail: william(a)m6wiq.uk