Let’s Encrypt 和 华为云的DNS 不大兼容啊

DNS验证基本上失败率>90%,换了阿狸的DNS秒过,MLGBD…

网友回复:

注册 珍爱生命,远离华为

ccf 扫描了一下华为云的DNS,应该是不支持 echo capitalization 导致的 已发工单,需要对DNS服务器做调整,看看他们能否解决 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.cn / 43.254.0.68 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.com / 114.115.192.11 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.com / 139.9.224.17 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.net / 159.138.76.159 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org / 159.138.17.59 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org / 159.138.77.159复制代码

hehe 是这样,所以我每次都要切腾讯DNS

ccf 折腾还是qq,阿里家吧

jqbaobao 华为dns有优先级设置,还有4个ns,两个国内两个国外

swsh007 其他功能是不错,我这里是单纯说Let’s的TXT验证,不管用华为国内国外,都失败 nslookup 查询没问题,但 Let’s 的查询机制不一样 https://unboundtest.com/ 这里可以测试,和 Let’s 的查询机制一样,TXT和CAA查询大概率失败,估计是DNS的兼容性有问题

By小酷 你如果有txt记录,建议全部写成一个,因为华为分开写记录集会变成轮训,写成一个才会全部显示

ccf 我知道他这个机制,我都是写一个记录的, 但问题是,哪怕这个记录里面只有一行TXT,https://unboundtest.com/ 这里也大概率查询失败,Let’s 就更完蛋了 而且 CAA 也是大概率查询失败

By小酷 原来是这个原因,还以为是le不支持我的域名

ccf 之前说要修的,结果现在都没修

注册 你发过工单么?

注册 把需要签证书的域名套上cfp就行

ccf 我说的不是一行,而是有其他的txt记录,你是不是有多个记录集

sky170 Let’s Encrypt部分地区验证超时,还是算了吧

By小酷 不是,我只有一条  TXT 记录集 不管这个记录集合里面有几行,都不行 比如 _acme-challenge.abc.com 这个TXT记录集,以下两种 txt 都有问题 只有一行 “vsebvtrsbtresb” 或者两行 “veavrevasresvre” “xresgvrwbvtreb” 应该不是记录的问题,而是华为DNS并不满足某些RFC标准

请叫我毛线 扫描了一下华为云的DNS,应该是不支持 echo capitalization 导致的 已发工单,需要对DNS服务器做调整,看看他们能否解决 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.cn / 43.254.0.68 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.com / 114.115.192.11 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.com / 139.9.224.17 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.net / 159.138.76.159 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org / 159.138.17.59 X        Fatal error: Nameserver doesn’t support echo capitalization. That’s critical if you want to create Letsencrypt certificates. Read https://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00 (2008). If a dns client asks “ExAmPlE.cOm”, the name server must answer with the same name, not with “example.com”. Creating Letsencrypt certificates isn’t possible. Your name server provider must update the software.: ns1.huaweicloud-dns.org / 159.138.77.159复制代码

ccf Let’s Encrypt  和 DNS.COM 的自定义路线也不兼容 MMP 我用了几天才发现  100多W百度蜘蛛变5000 真是牛P

ccf 华为……就这样吧,我反正不用

注意:本站只对LOC帖子进行收集和归纳,并不审核其内容,若其中内容侵犯到您的权益,请联系长站删除!!本文由IP索引采集整理发布!!ipipn.com欢迎友情链接!!!

版权声明:东成西就 发表于 2020-10-26 18:31:40。
转载请注明:Let’s Encrypt 和 华为云的DNS 不大兼容啊 | 云知道

暂无评论

暂无评论...