caddy-dns / namecheap


xyz is not a valid domain. Expected at least 1 TLD and 1 SLD #9

Closed volfco closed 6 months ago

volfco commented 6 months ago

Subdomains, i.e. *.lab.volf.co, don't work with this plugin due to libdns/namecheap being out of date and seemingly abandoned.

Upstream Issue: https://github.com/libdns/namecheap/issues/6

The original Caddy forum post contains what seems to be the problematic code in libdns. https://caddy.community/t/wildcard-and-namecheap-issues/21805/2

mholt commented 6 months ago

Thanks; if the maintainer stays unresponsive (and it looks like it's been quite a while), we can appoint a new one. Would you like to maintain it?

volfco commented 6 months ago

I'll need to dust off my Go, but sure.

nrfox commented 6 months ago

> Subdomains, i.e. *.lab.volf.co, don't work with this plugin due to libdns/namecheap being out of date and seemingly abandoned.

A little prodding is always good! Apologies for the slow responses. I also don't actively monitor that forum but I'll try to pay more attention to what's going on there. If you're interested in helping maintain this project that would be much appreciated. It would be great to have another pair of eyes for this. I actively use this tool so I see it as more of a public service to help maintain it (albeit poorly lately) but also if @mholt wants to hand someone else the reins that's fine with me too.

For this particular issue, the code that is linked in the forum doesn't seem right. Instead of arbitrarily splitting somewhere I think we want to first get the list of TLDs from Namecheap. @volfco would you be willing to open a PR for this?

volfco commented 6 months ago

@nrfox I'll get a PR opened to fix this issue.

volfco commented 6 months ago

So it's not a bug.

'xyz is not a valid domain. Expected at least 1 TLD and 1 SLD' means that the SOA record for your domain, i.e. foo.xyz, is incorrect. I experienced this because I had a CNAME for the root record, which was causing Namecheap to not return a SOA.

Caddy will keep trying to find the root zone of the given hostname, and the above error is because the only valid SOA response is from the tld zone. (This behavior is from https://github.com/caddyserver/certmagic/blob/master/dnsutil.go#L23)

So, this issue isn't a bug... just the result of a lack of useful logging.

I also encountered: namecheap api returned error in response. Err: Error0: Invalid request IP:

This means that the IP the API request is coming from is not whitelisted. Namecheap requires you to whitelist the IP you want to call their API from.

So, closing this.
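
A simplified model of the zone walk described in the comment above, added here as an example (it is not code from CertMagic, libdns/namecheap or this plugin). The `answer` type, `findZone`, the lookup table and `target.example` are hypothetical and constructed; it assumes, as the comment reports, that a name carrying a CNAME does not answer the SOA query. It shows the kind of diagnostic that would have pointed at the apex CNAME instead of at the TLD.

```go
package main

import (
	"fmt"
	"strings"
)

// answer is a constructed stand-in for what a resolver returns for one name.
type answer struct {
	SOA   bool   // the name answers an SOA query itself
	CNAME string // non-empty when the name is a CNAME (assumed to hide the SOA)
}

// findZone walks fqdn toward the root and returns the first name answering
// with an SOA, plus a diagnostic when that name is only the bare TLD.
func findZone(fqdn string, dns map[string]answer) (zone, warn string) {
	labels := strings.Split(strings.TrimSuffix(fqdn, "."), ".")
	var cnames []string
	for i := range labels {
		name := strings.Join(labels[i:], ".")
		a := dns[name]
		if a.CNAME != "" {
			cnames = append(cnames, name+" -> "+a.CNAME)
		}
		if !a.SOA {
			continue
		}
		if i == len(labels)-1 && len(labels) > 1 {
			warn = fmt.Sprintf("zone for %s resolved to TLD %q, no SOA below it", fqdn, name)
			if len(cnames) > 0 {
				warn += "; CNAME on the way up: " + strings.Join(cnames, ", ")
			}
		}
		return name, warn
	}
	return "", "no SOA found for " + fqdn + " or any parent"
}

func main() {
	// Constructed data: the apex foo.xyz is a CNAME, so only xyz answers SOA.
	broken := map[string]answer{"foo.xyz": {CNAME: "target.example"}, "xyz": {SOA: true}}
	healthy := map[string]answer{"foo.xyz": {SOA: true}, "xyz": {SOA: true}}
	for _, dns := range []map[string]answer{broken, healthy} {
		zone, warn := findZone("_acme-challenge.lab.foo.xyz.", dns)
		fmt.Printf("zone=%q warn=%q\n", zone, warn)
	}
}
```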

nrfox commented 6 months ago

Alright thanks for investigating and posting your findings.

> just the result of a lack of useful logging.

Is there anything more useful that this module could've logged to help?

mholt commented 6 months ago

I could add more debug logs to the dnsutils file in CertMagic if that would help (or I'd accept a PR!)