Open tmm1 opened 4 years ago
Just ran into this on a Windows system in an IT environment that has a firewall in place that blocks 53...
Just to add more of a documentation trail for myself and others:
export CGO_ENABLED=1 and export GODEBUG=netdns=go, the system resolver should be used
net/dns package, well, sucks. It's so high-level that it is not usable for normal DNS queries (i.e. TTL, 0x20 encoding, etc)
lego therefore uses miekg/dns, which is a sane DNS package
I see that we have docs for how to set a different custom resolver... but what about when we don't explicitly know the settings used by the system resolver? What do we do then?
Note:
Looking at what I believe to be the place the resolver would be referenced in the Windows syscall code for the DNS lookups, I don't see it there either: https://golang.org/src/net/lookup_windows.go
Possible Workaround:
Use a PowerShell script that grabs the Windows DNS resolvers and passes them to the Go application with a new flag such as --acme-dns-resolvers
https://github.com/go-acme/lego/blob/8afde164a15aea9b5d7eddc1f1d267b56fb5132e/challenge/dns01/nameserver.go#L13
https://github.com/go-acme/lego/blob/8afde164a15aea9b5d7eddc1f1d267b56fb5132e/challenge/dns01/nameserver.go#L28-L29
https://github.com/go-acme/lego/blob/8afde164a15aea9b5d7eddc1f1d267b56fb5132e/challenge/dns01/nameserver.go#L72-L74
cc https://github.com/miekg/dns/issues/334
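
An added example, not code from lego or from the post above: one way the receiving Go side of the proposed workaround could validate a resolver list before using it. `ParseResolvers` and the comma-separated input format are assumptions; the sample addresses are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net/netip"
	"strings"
)

// Windows lists these deprecated site-local addresses on adapters that have
// no IPv6 DNS server configured; they are placeholders, not real resolvers.
var placeholderNet = netip.MustParsePrefix("fec0:0:0:ffff::/64")

// ParseResolvers (hypothetical helper) validates a comma-separated resolver
// list and returns deduplicated "ip:port" strings, defaulting to port 53.
// Hostnames are rejected: resolving them would itself need working DNS.
func ParseResolvers(raw string) ([]string, error) {
	var out []string
	seen := map[string]bool{}
	for _, field := range strings.Split(raw, ",") {
		field = strings.TrimSpace(field)
		if field == "" {
			continue
		}
		var ap netip.AddrPort
		if addr, err := netip.ParseAddr(field); err == nil {
			ap = netip.AddrPortFrom(addr, 53) // bare IP: default DNS port
		} else if ap, err = netip.ParseAddrPort(field); err != nil {
			return nil, fmt.Errorf("resolver %q is not an IP or IP:port", field)
		}
		if ap.Port() == 0 || ap.Addr().IsUnspecified() {
			return nil, fmt.Errorf("resolver %q is not usable", field)
		}
		if placeholderNet.Contains(ap.Addr().WithZone("")) {
			continue // zone stripped first: Prefix.Contains never matches zoned addresses
		}
		if key := ap.String(); !seen[key] {
			seen[key] = true
			out = append(out, key)
		}
	}
	if len(out) == 0 {
		return nil, errors.New("no usable resolvers in list")
	}
	return out, nil
}

func main() {
	// Constructed sample of what a Windows host might report.
	fmt.Println(ParseResolvers("10.20.0.2, 10.20.0.3,fec0:0:0:ffff::1%1,10.20.0.2"))
}
```

Rejecting anything that is not a literal IP keeps a mistyped or tampered flag value from silently redirecting the DNS-01 propagation checks to an unintended host.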