Closed FreakyBigFoot closed 9 months ago
Thank you for creating an issue. Since the ticket doesn't seem to be using one of our templates, we're marking this issue as low priority until further notice.
For more information about the policies for this repository, please read https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md for further details.
The easiest option to gain traction is to close this ticket and open a new one using one of our templates.
Please enable debug logging on the Acme-Client settings page and try again. This may reveal why it is failing.
@FreakyBigFoot I have a hunch that switching your /var/etc/acme-client/accounts/**/account.conf
to use GANDI_LIVEDNS_TOKEN
instead of GANDI_LIVEDNS_KEY
will fix your problem.
Gandi switched to using a Personal Access Token for their authentication.
The ACME plugin UI looks like it might set the GANDI_LIVEDNS_KEY
The plugin looks like it has a little extra logic to handle both: https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_gandi_livedns.sh#L23
Hey @xer0x Thank you very much! That worked. @fraenki So sorry.. I never saw this response. It's been a crazy month or 2.
I had to also paste my key in there. I wonder how we can get this updated in the UI to use the newer system?
Support for Personal Access Tokens will be available in os-acme-client 3.20.
The bug I'm not able to renew a certificate when using the Challenge Type of DNS-01 via Gandi LiveDNS.
I've updated my API key and even attempted to setup timeouts. The DNS txt record is never created. I'm not sure how to troubleshoot this more. Any help is appreciated.
OPNsense 23.7 AMD Ryzen 7 5800U Network Intel® i226