letsencrypt & DNS issue

[GoNz0]

hi, I keep getting these in the system log running Merlins 384.3

Feb 18 11:20:23 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/J*********************************A4k/35******892: bad response
Feb 18 11:20:23 kernel: /usr/sbin/acme-client: transfer buffer: [{ "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:connection", "detail": "DNS problem: NXDOMAIN looking up A for all.dnsomatic.com", "status": 400 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/J********************************A4k/35******892", "token": "fF9bTzBwdlk_CVz9vsYSXCYtXB6K05z4z-piV-POefM", "keyAuthorization": "fF9bTzBwdlk_CVz9vsYSXCYtXB6K05z4z-piV-POefM.j**************************B

Anyone know why?
dnscrypt is working though opendns, I send out my ddns via dnsomatic and that shows it has had an update this morning.

I reset the router last night and put the configs back via the restore utility posted on here.

Thanks.

 

[RMerlin]

DNS-o-Matic cannot be used with Let's Encrypt, because it's not an actual DDNS - it's just a service to update multiple DDNS services, therefore your router has no idea which DDNS hostname you are using.

 

[GoNz0]

Thanks.

 

[bilboSNB]

DNS-o-Matic cannot be used with Let's Encrypt, because it's not an actual DDNS - it's just a service to update multiple DDNS services, therefore your router has no idea which DDNS hostname you are using.

What would be the best way to have freedns.afraid and opendns update whilst utilising letsencrypt?

 

[RMerlin]

What would be the best way to have freedns.afraid and opendns update whilst utilising letsencrypt?

You can't. LE requires you to use one of the supported DDNS providers.

 

[bilboSNB]

I was thinking to use one of the built in providers on the ddns page and transfer the contents of my ddns-start to
dhcpc-event ?

Presumable ddns-start is only called when "custom" is selected?

 

[RMerlin]

I was thinking to use one of the built in providers on the ddns page and transfer the contents of my ddns-start to
dhcpc-event ?

Presumable ddns-start is only called when "custom" is selected?

No, it gets called at all time as long there's a DDNS service configured. That's how it allows you for instance to configure a second DDNS.

 

[Zirescu]

FYI - I have it working with namecheap and the custom script.

 

[Alfsu]

FYI - I have it working with namecheap and the custom script.

Hi there @Zirescu,

Would you share the method/procedure used?

Thanks,

 

[Zirescu]

@Alfus - this https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts will get you started with the script you'll need for your DDNS provider. Once you've got the DDNS entry working you can enable the Let's Encrypt option. Eventually it'll do what it does and you should see Server Certificate populate. I don't recall doing anything else special. When you go back to the Network Map page you'll see the Let's Encrypt icon appear below the DDNS entry there.