caddy-dns / desec

deSEC module for Caddy
MIT License

'could not get certificate from issuer' - library not setting record? #5

Closed (blager closed 9 months ago)

blager commented 9 months ago

Hello, it seems like setting the record for the challenge broke. My Caddy has been trying to renew the certificate since October 14th and the challenge is failing with this error log:

could not get certificate from issuer

[*.subdomain.dedyn.io] solving challenges: presenting for challenge: adding temporary record for zone "dedyn.io.": appending RRSets to zone "dedyn.io.": unexpected status code 404: {"detail":"Not found."}

znkr commented 9 months ago

I would like to help, but with the given information I don't even know where to start. Please share all relevant log lines and your configuration. If you are not comfortable sharing this publicly, please provide them privately.

znkr commented 9 months ago

Although, it reminds me a bit of https://github.com/libdns/desec/issues/1. There the problem was the DNS setup. Please take a look into that issue, it's possible that's going to help.

blager commented 9 months ago

Thanks for taking an interest and for the quick response. Sorry for not including more logs right away. My configuration is pretty basic, and since it worked before I assumed that maybe the library is not actively maintained.

The discussion in the issue you linked has helped. Since the last cert renewal I had set up a local DNS server overwriting rules for those domains to point to a local IP. Setting DNS resolvers manually helped. Caddy docs for reference: https://caddyserver.com/docs/caddyfile/directives/tls#resolvers

The log message in the original post was also preceded by a log that I believe would be useful and that helped you diagnose the problem in the mentioned issue, where it's visible that the zone used mistakenly has the _acme-challenge subdomain. Leaving the log for future readers for reference:

cleaning up solver

no memory of presenting a DNS record for "_acme-challenge.subdomain.dedyn.io" (usually OK if presenting also failed)
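
The fix described in the comment above, sketched as a Caddyfile. This is an added example, not configuration posted in the thread or taken from the project. The resolver addresses, the `token` option with its environment variable name, and the `respond` line are assumptions; only the hostname and the `resolvers` directive come from the thread.

```caddyfile
# Added example. Values marked "assumption" are not from the thread.
*.subdomain.dedyn.io {
	tls {
		# DNS-01 challenge through the deSEC provider module.
		# Option name and environment variable name are assumptions.
		dns desec {
			token {env.DESEC_TOKEN}
		}

		# Resolvers used for the DNS challenge lookups. Setting them
		# explicitly keeps Caddy from asking the host's default resolver,
		# which here is a local DNS server that overrides these names.
		# Addresses are an assumption: any resolver that sees the public
		# zone will do.
		resolvers 9.9.9.9 1.1.1.1
	}

	# Placeholder handler (assumption) so the site block is complete.
	respond "ok"
}
```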

znkr commented 8 months ago

I am glad you could figure this out. Thanks for leaving a trail for future readers!