search

home-assistant / addons

:heavy_plus_sign: Docker add-ons for Home Assistant
https://home-assistant.io/hassio/
Apache License 2.0
1.5k stars 1.46k forks source link

Duck DNS - ERROR: Challenge is invalid! (returned: invalid) (result: ["type"] "dns-01" #3678

Open KitHubek opened 1 month ago

KitHubek commented 1 month ago

Describe the issue you are experiencing

Just see this error at log. Official HA addon Duck DNS All working ok, but recent see this error at log

What type of installation are you running?

Home Assistant OS

Which operating system are you running on?

Home Assistant Operating System

Which add-on are you reporting an issue with?

Duck DNS

What is the version of the add-on?

1.17.0

Steps to reproduce the issue

  1. Install DuckDns addon
  2. fill config file
  3. run addon
  4. see errors at log

System Health information

System Information

version core-2024.6.4
installation_type Home Assistant OS
dev false
hassio true
docker true
user root
virtualenv false
python_version 3.12.2
os_name Linux
os_version 6.6.33-haos
arch x86_64
timezone Europe/Warsaw
config_dir /config
Home Assistant Community Store GitHub API | ok -- | -- GitHub Content | ok GitHub Web | ok GitHub API Calls Remaining | 5000 Installed Version | 1.34.0 Stage | running Available Repositories | 1384 Downloaded Repositories | 9
AccuWeather can_reach_server | ok -- | -- remaining_requests | 33
Home Assistant Cloud logged_in | false -- | -- can_reach_cert_server | ok can_reach_cloud_auth | ok can_reach_cloud | ok
GIOŚ can_reach_server | ok -- | --
Home Assistant Supervisor host_os | Home Assistant OS 12.4 -- | -- update_channel | stable supervisor_version | supervisor-2024.06.2 agent_version | 1.6.0 docker_version | 26.1.4 disk_total | 234.0 GB disk_used | 31.2 GB healthy | true supported | true host_connectivity | true supervisor_connectivity | true ntp_synchronized | true virtualization | board | generic-x86-64 supervisor_api | ok version_api | ok installed_addons | Studio Code Server (5.15.0), Mosquitto broker (6.4.1), Samba share (12.3.1), Duck DNS (1.17.0), NGINX Home Assistant SSL proxy (3.9.0), Zigbee2MQTT (1.38.0-1), ESPHome (2024.6.4), MariaDB (2.7.1), Advanced SSH & Web Terminal (18.0.0), phpMyAdmin (0.9.1), Node-RED (18.0.1)
Dashboards dashboards | 8 -- | -- resources | 5 views | 33 mode | storage
Recorder oldest_recorder_run | 3 maja 2024 17:04 -- | -- current_recorder_run | 30 czerwca 2024 00:07 estimated_db_size | 4754.19 MiB database_engine | mysql database_version | 10.11.6
Spotify api_endpoint_reachable | ok -- | --
Xiaomi Miot Auto component_version | 0.7.18 -- | -- can_reach_server | ok can_reach_spec | ok logged_accounts | 1 total_devices | 15

Anything in the Supervisor logs that might be useful for us?

No response

Anything in the add-on logs that might be useful for us?

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
# INFO: Using main config file /data/workdir/config
+ Account already registered!
[19:05:32] INFO: Renew certificate for domains: mydns.duckdns.org and aliases: 
# INFO: Using main config file /data/workdir/config
Processing mydns.duckdns.org
 + Checking domain name(s) of existing cert... unchanged.
 + Checking expire date of existing cert...
 + Valid till Jul 30 18:23:23 2024 GMT (Less than 30 days). Renewing!
 + Signing domains...
 + Generating private key...
 + Generating signing request...
 + Requesting new certificate order from CA...
 + Received 1 authorizations URLs from the CA
 + Handling authorization for mydns.duckdns.org
 + 1 pending challenge(s)
 + Deploying challenge tokens...
OK + Responding to challenge for mydns.duckdns.org authorization...
 + Cleaning challenge tokens...
OK + Challenge validation has failed :(
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]  "dns-01"
["url"] "https://acme-v02.api.letsencrypt.org/acme/chall-v3/hiddennumbers"
["status"]  "invalid"
["validated"]   "2024-07-01T17:05:38Z"
["error","type"]    "urn:ietf:params:acme:error:dns"
["error","detail"]  "DNS problem: SERVFAIL looking up TXT for _acme-challenge.mydns.duckdns.org - the domain's nameservers may be malfunctioning"
["error","status"]  400
["error"]   {"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: SERVFAIL looking up TXT for _acme-challenge.mydns.duckdns.org - the domain's nameservers may be malfunctioning","status":400}
["token"]   "hiddentoken")

Additional information

my addon config:

domains:

at main HA config file:

http: ssl_certificate: /ssl/fullchain.pem ssl_key: /ssl/privkey.pem

dkliban commented 1 month ago

I am experiencing the exact same problem. i updated to 1.18.0 and that didn't help.

gffa325 commented 3 weeks ago

Same here!

DuckDNS Addon version 1.18.0

ruicarvalho-winsig commented 3 weeks ago

Same Here with 1.18.0.

ncp1113 commented 2 weeks ago

The UI configuration is incorrect for duckdns. There are actually 2 errors. Edit in YAML. (click on 3 dots) It should be:

domains:`
  - *****.duckdns.org
email: *****
keyfile: privkey.pem
certfile: fullchain.pem
challenge: dns
dns:
  provider: dns-duckdns
  duckdns_token: *****

Thank you to Bruno at https://www.derekseaman.com/2023/06/home-assistant-auto-renewing-lets-encrypt-ssl.html and Marie-Luise Orland

Kammiiz commented 1 week ago

The UI configuration is incorrect for duckdns. There are actually 2 errors. Edit in YAML. (click on 3 dots) It should be:

domains:`
  - *****.duckdns.org
email: *****
keyfile: privkey.pem
certfile: fullchain.pem
challenge: dns
dns:
  provider: dns-duckdns
  duckdns_token: *****

Thank you to Bruno at https://www.derekseaman.com/2023/06/home-assistant-auto-renewing-lets-encrypt-ssl.html and Marie-Luise Orland

Thanks a lot ! Worked for me

PinkFloyd1213 commented 5 days ago

The UI configuration is incorrect for duckdns. There are actually 2 errors. Edit in YAML. (click on 3 dots) It should be:

domains:`
  - *****.duckdns.org
email: *****
keyfile: privkey.pem
certfile: fullchain.pem
challenge: dns
dns:
  provider: dns-duckdns
  duckdns_token: *****

Thank you to Bruno at https://www.derekseaman.com/2023/06/home-assistant-auto-renewing-lets-encrypt-ssl.html and Marie-Luise Orland

This configuration is for the DuckDNS addon or for the Let's Encrypt addon ? Cause if I set this up like that in the DuckDNS addons, I got an error: 

Failed to save add-on configuration, Missing option 'lets_encrypt' in root in Duck DNS (core_duckdns). Got {'domains': ['***.duckdns.org'], 'email': '***', 'keyfile': 'privkey.pem', 'certfile': 'fullchain.pem', 'challenge': 'dns', 'seconds': 300, 'dns': {'provider': 'dns-duckdns', 'duckdns_token': '***''}}
ncp1113 commented 4 days ago

In the DuckDNS add-on, click on the three dots to get to "Edit in YAML". That is where you put your code. You need to register your domain with DuckDNS and copy DuckDNS token at the top of the page.