caddy-dns / cloudflare

Caddy module: dns.providers.cloudflare
Apache License 2.0

co.uk tld not working #77

Closed matth9 closed 3 months ago

matth9 commented 3 months ago

Hello,

I have 2 domains that I am configuring with wildcard certs, my .com domain is working correctly, but my .co.uk domain does not work correctly and appears to not be parsing the domain properly.

Caddyfile

*.example.com, example.com, *.example.co.uk, example.co.uk {
    tls {
        issuer zerossl APIKEY {
            email EMAIL
            dns cloudflare APIKEY
        }
    }
}

.co.uk error ERROR tls.obtain will retry {"error": "[*.example.co.uk] Obtain: [*.example.co.uk] solving challenges: presenting for challenge: adding temporary record for zone \"co.uk.\": expected 1 zone, got 0 for co.uk.

I have confirmed that both of the domains are included in the API token on Cloudflare, and example.com is working correctly. The same issue also appears for example.co.uk, so it appears to be something to do with the .co.uk TLD.

Any suggestions to get this working would be greatly appreciated.

Thanks in advance

mholt commented 3 months ago

What is the domain? I'll look into it.

matth9 commented 3 months ago

The domain is matthealy.co.uk that is causing the error. Thank you

mholt commented 3 months ago

Hmm, the domain looks like it has SOA records at Cloudflare and such. I wonder if your local DNS resolver is being weird? Do you have any funky DNS config going on with your network?

matth9 commented 3 months ago

There's nothing special about my DNS, I'm using 1.1.1.1 as my resolver and it works for my .com domain.

I thought it was something to do with the parsing of the domain, as the error states: adding temporary record for zone \"co.uk.\": expected 1 zone, got 0 for co.uk. It doesn't seem to parse the full domain, just the TLD, unless this is expected for the log.

mholt commented 3 months ago

I don't think there's any domain "parsing" done, but we do look up the SOA for the domain so that we can infer the zone, which should be matthealy.co.uk in your case. For some reason it's not finding the SOA.

I just tried it on my machine too, and got a similar error, but slightly different:

2024/05/20 15:51:10.048 ERROR   tls.obtain  could not get certificate from issuer   {"identifier": "matthealy.co.uk", "issuer": "acme-staging-v02.api.letsencrypt.org-directory", "error": "[matthealy.co.uk] solving challenges: presenting for challenge: adding temporary record for zone \"matthealy.co.uk.\": expected 1 zone, got 0 for matthealy.co.uk. 

I am not really sure what is going on here :thinking:

I don't have time to dive into this too much right now, but hopefully this information makes troubleshooting a little clearer
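The zone inference mholt describes (look up the SOA for the name and walk toward the root until a zone apex answers) is easy to model offline. The following is an added example, not code from Caddy, certmagic or the libdns Cloudflare module; the function name FindZone and the SOALookup type are assumptions, and constructedSOA is a hand-built stand-in for a real resolver (a real implementation would send SOA queries with a DNS client library). It also shows, as a constructed failure case, how the walk lands on the parent zone "co.uk." when the lookup for the apex itself returns no SOA, which matches the shape of the reporter's error message; whether that is the actual mechanism behind this issue is not established by the thread.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// SOALookup reports whether fqdn (absolute, with trailing dot) answers an SOA
// query with an SOA record in the Answer section, i.e. whether it is a zone apex.
// In production this would be backed by a DNS client; here it is injected so the
// walk can be exercised without network access.
type SOALookup func(fqdn string) (bool, error)

// ErrNoZone is returned when no label boundary up to the root answers with an SOA.
var ErrNoZone = errors.New("no zone found for name")

// FindZone (assumed name, not certmagic's API) walks from the full name toward
// the root, stripping one label at a time, and returns the first name that has
// an SOA record. A leading wildcard label is dropped first, since "*.x" can
// never be an apex.
func FindZone(name string, lookup SOALookup) (string, error) {
	fqdn := strings.TrimPrefix(name, "*.")
	if !strings.HasSuffix(fqdn, ".") {
		fqdn += "."
	}
	labels := strings.Split(strings.TrimSuffix(fqdn, "."), ".")
	for i := range labels {
		candidate := strings.Join(labels[i:], ".") + "."
		ok, err := lookup(candidate)
		if err != nil {
			return "", fmt.Errorf("SOA lookup for %q: %w", candidate, err)
		}
		if ok {
			return candidate, nil
		}
	}
	return "", ErrNoZone
}

// constructedSOA is a constructed stand-in for a recursive resolver: the names
// listed are the only ones that "answer" with an SOA record.
func constructedSOA(apexes ...string) SOALookup {
	have := make(map[string]bool, len(apexes))
	for _, a := range apexes {
		have[a] = true
	}
	return func(fqdn string) (bool, error) { return have[fqdn], nil }
}

func main() {
	// Healthy resolution: the apex answers first, so the walk stops there.
	healthy := constructedSOA("matthealy.co.uk.", "co.uk.", "uk.")
	z, _ := FindZone("*.matthealy.co.uk", healthy)
	fmt.Println(z) // matthealy.co.uk.

	// Constructed failure: the apex lookup yields no SOA, so the walk overshoots
	// to the parent and reports "co.uk." as the zone.
	broken := constructedSOA("co.uk.", "uk.")
	z, _ = FindZone("*.matthealy.co.uk", broken)
	fmt.Println(z) // co.uk.
}
```

The practical check this suggests when the error names a zone that is too short: query the SOA for the apex directly against the resolver the Caddy host actually uses (for example with dig), and confirm the answer comes back in the Answer section from the expected nameservers rather than from some local override.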

matth9 commented 3 months ago

That's really strange, I don't understand why for you it attempts to add the temporary record for the domain, but for me it attempts it for just co.uk

2024/05/20 16:50:23.197 ERROR tls.obtain will retry {"error": "[matthealy.co.uk] Obtain: [matthealy.co.uk] solving challenges: presenting for challenge: adding temporary record for zone \"co.uk.\": expected 1 zone, got 0 for co.uk.

I've just tried building with xcaddy rather than downloading from the caddy website and have the same result. It is still working normally for my .com domain, but this .co.uk one has issues

matth9 commented 3 months ago

Removing the domain from the hosts file has resolved the issue, thanks for your help