rmbolger / Posh-ACME

PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
https://poshac.me/docs/latest/
MIT License
752 stars, 186 forks

ClouDNS PlugIn Fails GET Request #520

Closed sivan-koren closed 10 months ago

sivan-koren commented 10 months ago

This seems to have stopped working sometime in the last few weeks.

```
DEBUG: Loading PAOrder list from disk
DEBUG: Loading PAAccount list from disk
DEBUG: Calling ClouDNS plugin to add _acme-challenge.rras.example.com TXT with value Sy5wzfVRMzhGTdlAHw1RFsBiW7r8xJ8xtdjkNA0KA-Q
DEBUG: Checking _acme-challenge.rras.example.com
DEBUG: GET https://api.cloudns.net/dns/get-zone-info.json?&domain-name=_acme-challenge.rras.example.com
Submit-ChallengeValidation : Unable to connect to the remote server
At C:\Program Files\WindowsPowerShell\Modules\Posh-ACME\4.18.0\Public\New-PACertificate.ps1:252 char:9
+         Submit-ChallengeValidation
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Submit-ChallengeValidation], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Submit-ChallengeValidation
```

I've confirmed that no DNS entry exists, and that the API id and password are still valid.

Thanks for any help.

rmbolger commented 10 months ago

Hi @sivan-koren. Thanks for reaching out and sorry for the delay.

> I've confirmed that no DNS entry exists

Do you mean the plugin wasn't able to create the DNS TXT record or that your system can't resolve the api.cloudns.net hostname in DNS?

The "Unable to connect to the remote server" error implies there is something blocking the connection from your system running Posh-ACME to the ClouDNS API server. As far as I can tell right now, their API server is up and responsive. You might want to test a basic PowerShell web request against the API like this:

```powershell
Invoke-RestMethod https://api.cloudns.net/dns/get-zone-info.json?domain-name=example.com
```

This won't actually succeed, but it should generate a response that indicates Invalid authentication rather than something like "Unable to connect to the remote server".

sivan-koren commented 10 months ago

Hi @rmbolger, I meant that the DNS entry was not being created. It looks like api.cloudns.net does resolve, but I don't get a response back. It must be a firewall thing.

Thanks for the quick response and thanks for your help.
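
An added example, not part of the original thread or of Posh-ACME: a staged check that separates the cases discussed above (the name does not resolve, the TCP connection is blocked, or the server answers with an HTTP-level error such as a failed authentication). `Test-ApiReachability` is a hypothetical helper name, and the script assumes a direct, non-proxied route to the API host.

```powershell
# Added example. Test-ApiReachability is a hypothetical helper, not part of Posh-ACME.
# Assumes a direct (non-proxied) route from this machine to the API host.
function Test-ApiReachability {
    param(
        [string]$HostName = 'api.cloudns.net',
        [int]$Port = 443,
        [int]$TimeoutMs = 5000
    )
    $r = [ordered]@{ Host = $HostName; Addresses = $null; TcpOpen = $false
                     FailedAt = $null; Detail = $null }
    # Stage 1: DNS. A failure here points at the resolver, not at a blocked port.
    try {
        $ips = [System.Net.Dns]::GetHostAddresses($HostName)
        $r.Addresses = ($ips | ForEach-Object { $_.IPAddressToString }) -join ', '
    } catch {
        $r.FailedAt = 'DNS'; $r.Detail = $_.Exception.Message
        return [pscustomobject]$r
    }

    # Stage 2: TCP connect. A timeout suggests a silent drop; an exception carries
    # the socket error (for example, connection refused or network unreachable).
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $r.TcpOpen = $client.ConnectAsync($HostName, $Port).Wait($TimeoutMs) -and $client.Connected
        if (-not $r.TcpOpen) { $r.Detail = "no TCP connection within $TimeoutMs ms" }
    } catch {
        $r.Detail = $_.Exception.GetBaseException().Message
    } finally {
        $client.Close()
    }
    if (-not $r.TcpOpen) { $r.FailedAt = 'TCP'; return [pscustomobject]$r }

    # Stage 3: HTTPS. Any HTTP status, including an error status, proves the path works.
    try {
        $uri = "https://$HostName/dns/get-zone-info.json?domain-name=example.com"
        $resp = Invoke-WebRequest -Uri $uri -UseBasicParsing -TimeoutSec 15
        $r.Detail = "HTTP $([int]$resp.StatusCode)"
    } catch {
        $httpResp = $_.Exception.Response
        if ($httpResp) {
            $r.Detail = "HTTP $([int]$httpResp.StatusCode)"
        } else {
            $r.FailedAt = 'TLS/HTTP'; $r.Detail = $_.Exception.Message
        }
    }
    [pscustomobject]$r
}
Test-ApiReachability | Format-List
```

A result with `Addresses` populated and `FailedAt` set to `TCP` matches the situation in the last comment: the name resolves but nothing answers on port 443, which is what an egress firewall rule typically looks like from the client side.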