Open Nowaker opened 6 years ago
I don't have enough DNS-fu to say so conclusively, but I am experiencing a similar issue with the CloudFlare provider (first enountered with Traefic, but reproduces using the CLI), so the issue might be more systemic than just a single provider. Hopefully it's not too hard to fix?
What's in Dnsimple:
Why it's happening:
Currently, Lego is looking for a direct match (sub2.sub1.domain.com), then for one level below the public suffix (domain.com), then gives up.
Lego should look for a matching zone starting from the lowest level (sub2.sub1.domain.com) and try one level up until it finds a matching zone. In our case, it would be sub2.sub1.domain.com -> sub1.domain.com -> domain.com. (Skip
com
because it's a public suffix)CCing the original author of Dnsimple support in Lego: @weppos :)