Closed mathieumd closed 7 months ago
Hi @mathieumd, thanks for testing and giving your feedback!
The communication between happyDomain and the provider/server is based on the capabilities offered by dnscontrol. Initial connectivity test exists for some providers, not all. In order to respond to 1., if the provider supports domain listing, it tries to do it, and returns eventual errors.
For 2., we added an option to allow insecure connections, and also a field to paste the expected certificate.
Perfect! And very wise to allow to paste our certificate, too! (While I'm at it, pasting the CA certificate -- and not the server certificate -- would be even better, I think, as it would not fail in some years when the server cert will be renewed)
In fact, this is the case: https://github.com/happyDomain/dnscontrol/commit/eacc88e4cdec83c6d07cdf0c5cf0e79fcb69205e#diff-e0a3737df14600dcef23c81735c4dfb69279c3d78bbd52a542767a86ac365ef5R117
The given certificate replaces the default certificates store. So it should work with both a root, an intermediate or a server certificate!
Confirmed! Thank you!
Adding a PowerDNS provider works, but when trying to connect it fails because it's use a private TLS certificate:
Shouldn't you: