le9i0nx
commented
2 years ago check zone in challengeRequest.ResolvedFQDN
- _acme-challenge.test.ru
- test.ru
Closed le9i0nx closed 1 year ago
le9i0nx
commented
2 years ago check zone in challengeRequest.ResolvedFQDN
wildGecko
commented
1 year ago Why delete a zone from ENV? It is passed to the request in such a way that it explicitly specifies where to create a record, since you can have multiple dnames. We will study the question about delegation.
le9i0nx
commented
1 year ago if you delete the env zone, then you can renew the certificate for any domain to which you have access and not create a ClusterIssuer list for each domain
c0rnoTa
commented
1 year ago @le9i0nx you are welcome to review my PR https://github.com/flant/cert-manager-webhook-regru/pull/8 too.
wildGecko
commented
1 year ago I have accepted PR.
the zone can be calculated through requests to api https://www.reg.ru/reseller/api2doc#zone_nop you also need to consider dns delegation in _acme-challenge https://letsencrypt.org/docs/challenge-types/