Hello !
so it seems I will not be able to access my home lab from outside through TalkTalk eero unless it is deemed 'secure enough'.
I have followed all the steps necessary to configure ACME. My domain is with OVH.
API Key has been configured and given PUT, GET, POST and DELETE permissions to /domain/zone/* with no restriction to any IP.
I have configured ACME account and DNS plugin with API strings and tried to generate a certificate for the node0:
(domain name removed,redacted sensitive parts out)
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/2210618425/[redacted]
Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz/[redacted]'
The validation for node0.[redacted].uk is pending!
[Wed Feb 5 11:28:39 GMT 2025] Using OVH endpoint: https://eu.api.ovh.com/
[Wed Feb 5 11:28:39 GMT 2025] Checking authentication
[Wed Feb 5 11:28:39 GMT 2025] Consumer key is ok.
[Wed Feb 5 11:28:39 GMT 2025] Adding record
[Wed Feb 5 11:28:39 GMT 2025] Add txt record error.
[Wed Feb 5 11:28:39 GMT 2025] Error add txt for domain:_acme-challenge.node0.[redacted].uk
TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup ovh node0.[redacted].uk' failed: exit code 1
Any ideas as to what could be going wrong ?
Can I at least get a confirmation that everything checks out on pve side and it is most likely DNS permission on hosting provider side ?
having looked at https://forum.proxmox.com/threads/acme-dns-certificate-renewal-failed-pm-ve-7-4-3.125767/ I have changed DEBUG to 1 in ACME and changed _debug to _info in dnsapi for $data and $response.
But I have no clue which log to check for the output. please help - thanks !
so it seems I will not be able to access my home lab from outside through TalkTalk eero unless it is deemed 'secure enough'.
I have followed all the steps necessary to configure ACME. My domain is with OVH.
API Key has been configured and given PUT, GET, POST and DELETE permissions to /domain/zone/* with no restriction to any IP.
I have configured ACME account and DNS plugin with API strings and tried to generate a certificate for the node0:
(domain name removed,redacted sensitive parts out)
Loading ACME account details
Placing ACME order
Order URL: https://acme-v02.api.letsencrypt.org/acme/order/2210618425/[redacted]
Getting authorization details from 'https://acme-v02.api.letsencrypt.org/acme/authz/[redacted]'
The validation for node0.[redacted].uk is pending!
[Wed Feb 5 11:28:39 GMT 2025] Using OVH endpoint: https://eu.api.ovh.com/
[Wed Feb 5 11:28:39 GMT 2025] Checking authentication
[Wed Feb 5 11:28:39 GMT 2025] Consumer key is ok.
[Wed Feb 5 11:28:39 GMT 2025] Adding record
[Wed Feb 5 11:28:39 GMT 2025] Add txt record error.
[Wed Feb 5 11:28:39 GMT 2025] Error add txt for domain:_acme-challenge.node0.[redacted].uk
TASK ERROR: command 'setpriv --reuid nobody --regid nogroup --clear-groups --reset-env -- /bin/bash /usr/share/proxmox-acme/proxmox-acme setup ovh node0.[redacted].uk' failed: exit code 1
Any ideas as to what could be going wrong ?
Can I at least get a confirmation that everything checks out on pve side and it is most likely DNS permission on hosting provider side ?
having looked at https://forum.proxmox.com/threads/acme-dns-certificate-renewal-failed-pm-ve-7-4-3.125767/ I have changed DEBUG to 1 in ACME and changed _debug to _info in dnsapi for $data and $response.
But I have no clue which log to check for the output. please help - thanks !