shibayan / keyvault-acmebot

Automated ACME SSL/TLS certificates issuer for Azure Key Vault (App Service / Container Apps / App Gateway / Front Door / CDN / others)
Apache License 2.0

Unable to create root domain certificate #173

Closed uniqueumang closed 4 years ago

uniqueumang commented 4 years ago

Describe the bug

When root domain is requested, it fails to create with following error:

{ "type": "https://tools.ietf.org/html/rfc7231#section-6.6.1", "title": "An error occured while processing your request.", "status": 500, "detail": "Orchestrator function 'IssueCertificate' failed: The activity function 'Dns01Authorization' failed: \"Failed to deserialize exception from TaskActivity: {... \"RequestUri\":\"https://management.azure.com/subscriptions/guidd/resourceGroups/{dns}/providers/Microsoft.Network/dnsZones/{dns}/TXT/_acme-challenge?api-version=2018-05-01\" ... \"StatusCode\":409,\"ReasonPhrase\":\"Conflict\" ... \"Message\":\"The record could not be created because a CNAME record with the same name already exists in this zone.\" ...}\". See the function execution logs for additional details.", "traceId": "00-d5658653748b624d907b80ef8c814e9a-e9961ca50e357a4d-00" }

To Reproduce

Steps to reproduce the behavior: On the add certificate page,

1) select DNS Zone
2) without entering subdomain, click add
3) submit


shibayan commented 4 years ago

Not a bug.

The record could not be created because a CNAME record with the same name already exists in this zone.
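
Added example, not part of the original thread and not Acmebot's own code: a pre-flight check for the 409 Conflict above. It derives the DNS-01 TXT record name that would be written for each requested name and reports a CNAME already occupying it. The zone name, record sets and function names are constructed for illustration.

```python
# Pre-flight check for the DNS-01 conflict reported in this issue.
# SAMPLE_ZONE and SAMPLE_RECORD_SETS are constructed data, not from the issue.

def challenge_record_name(dns_name: str, zone: str) -> str:
    """Relative name of the DNS-01 TXT record set inside `zone` (RFC 8555, 8.4)."""
    name = dns_name.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]  # a wildcard is validated at its base name
    if name != zone and not name.endswith("." + zone):
        raise ValueError(f"{dns_name} is not inside zone {zone}")
    label = name[: -len(zone)].rstrip(".")  # empty for the zone apex
    return "_acme-challenge" + ("." + label if label else "")


def find_conflict(record_sets, relative_name):
    """Return the CNAME record set blocking a TXT at relative_name, or None.

    A CNAME cannot share its owner name with other record types
    (RFC 1034, 3.6.2); this is the rule behind the 409 in the issue.
    """
    for rs in record_sets:
        if rs["name"].lower() == relative_name and rs["type"].upper() == "CNAME":
            return rs
    return None


def preflight(dns_names, zone, record_sets):
    """Map each requested name to (challenge record, blocking CNAME target or None)."""
    report = {}
    for dns_name in dns_names:
        rel = challenge_record_name(dns_name, zone)
        hit = find_conflict(record_sets, rel)
        report[dns_name] = (rel, hit["target"] if hit else None)
    return report


SAMPLE_ZONE = "example.com"
SAMPLE_RECORD_SETS = [
    {"name": "@", "type": "A", "target": "203.0.113.10"},
    {"name": "_acme-challenge", "type": "CNAME", "target": "validation.example.net"},
    {"name": "www", "type": "CNAME", "target": "example.com"},
]

if __name__ == "__main__":
    names = ["example.com", "*.example.com", "www.example.com"]
    for name, (rel, blocker) in preflight(names, SAMPLE_ZONE, SAMPLE_RECORD_SETS).items():
        status = f"blocked by CNAME -> {blocker}" if blocker else "ok"
        print(f"{name}: TXT {rel}: {status}")
```

The CNAME at `www` does not block `www.example.com`, because the challenge TXT is written at `_acme-challenge.www`, a different owner name.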