[ANNOUNCE] node-red-contrib-letsencrypt : beta version

When I request a renewal, it appears to be making an attempt, but then I get this in the debug;
(NOTE, this is copied from an earlier DM, hence the date/times show 21 May - but just tried again & get the same result)

acmeerror

and this in the node-RED log;

21 May 11:49:09 - [info] [aedes broker:41b47ed.32a568] Binding aedes mqtt server on port: 1883
21 May 11:49:09 - [info] Server now running at http://127.0.0.1:2086/
21 May 11:49:09 - [info] [mqtt-broker:9e0fbc51.f0a3e] Connected to broker: mqtt://140.238.65.67:1883
21 May 11:49:25 - [warn] [acme-client:Certificate Management] Acme warning message = dns-01 challenge's `propagationDelay` not set, defaulting to 5000ms status =
21 May 11:49:31 - [info] [acme-client:Certificate Management] Acme certificate_order message =  status =
Error: DNS record deletion not yet propagated for _greenlock-dryrun-10495c40.firstimage.digitalnut.co.uk
at Function.verifyPropagation (/home/opc/.node-red/node_modules/acme-dns-01-cloudflare/index.js:139:13)
Waiting for 10000 ms before attempting propagation verification retry 1 / 30.
21 May 11:49:33 - [info] [acme-client:Certificate Management] Acme challenge_select message =  status =
21 May 11:49:33 - [info] [acme-client:Certificate Management] Acme _challenge_select message =  status =
21 May 11:49:39 - [error] [acme-client:Certificate Management] Error in CREATE_CERTIFICATE : Error: queryTxt ENOTFOUND _acme-challenge.firstimage.digitalnut.co.uk
{ Error: queryTxt ENOTFOUND _acme-challenge.firstimage.digitalnut.co.uk
at QueryReqWrap.onresolve [as oncomplete] (dns.js:196:19)
errno: 'ENOTFOUND',
code: 'ENOTFOUND',
syscall: 'queryTxt',
hostname: '_acme-challenge.firstimage.digitalnut.co.uk' }
Waiting for 10000 ms before attempting propagation verification retry 1 / 30.
Error: DNS record deletion not yet propagated for _greenlock-dryrun-10495c40.firstimage.digitalnut.co.uk
at Function.verifyPropagation (/home/opc/.node-red/node_modules/acme-dns-01-cloudflare/index.js:139:13)
Waiting for 10000 ms before attempting propagation verification retry 2 / 30.
{ Error: queryTxt ENOTFOUND _acme-challenge.firstimage.digitalnut.co.uk
at QueryReqWrap.onresolve [as oncomplete] (dns.js:196:19)
errno: 'ENOTFOUND',
code: 'ENOTFOUND',

I've googled the error, which brought me to this issue, and perhaps a workaround by changing the waitFor option to 20000.
I attempted to change Bart's code to increase the waitFor time to 20 seconds, but it still did not work.

Hi Paul,
I didn't have time yet to investigate this problem with Cloudflare.
But could we continue this discussion in the LetsEncrypt topic, otherwise your issue is split across two topics. And since it is not related to this automatic certificate renewal pull request, it might be confusing for people reading in this topic...
Thanks!

I was intending to move it. Honest :grinning:


I was using certbot so the error is different but I found I needed to set wide permissions for the API Token to work with the HA LetsEncrypt addon (https://community.cloudflare.com/t/unable-to-determine-zone-id/169111/2). The Key worked fine previously.

The 'normal' certbot wait is 30s IIRC.

Thanks Brian.
@BartButenaers has just updated the node-package, which appears to include a fix in the acme-dns-01-cloudflare node dependency.
I've just tried it, and despite a few false starts, it has obtained the certificates OK.

Paul


This topic was automatically closed after 60 days. New replies are no longer allowed.
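The log in this thread shows `queryTxt ENOTFOUND` for the `_acme-challenge` name reported as an error in CREATE_CERTIFICATE while propagation checks were still being retried. As an added example (not code from node-red-contrib-letsencrypt or acme-dns-01-cloudflare, and not the fix that was shipped), this is one way a dns-01 propagation check can treat a not-yet-visible TXT record as retryable. The function names, the stub resolver and the sample record name are assumptions; the 30 retries at 10000 ms mirror the log.

```javascript
// Added example: retryable dns-01 propagation check with an injected resolver.
// Resolver error codes that mean "record not visible yet", not a hard failure.
const PENDING_CODES = new Set(['ENOTFOUND', 'ENODATA']);

const defaultSleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Classify one TXT lookup as 'propagated', 'pending' or 'fatal'.
// `records` has the shape dns.promises.resolveTxt returns:
// an array of records, each an array of string chunks.
function classifyLookup(err, records, expected) {
  if (err) return PENDING_CODES.has(err.code) ? 'pending' : 'fatal';
  const values = (records || []).map((chunks) => chunks.join(''));
  return values.includes(expected) ? 'propagated' : 'pending';
}

// Poll until the challenge value is visible or the retry budget is spent.
// `resolveTxt` and `sleep` are injected so the loop can run offline;
// in real use pass require('dns').promises.resolveTxt.
async function waitForTxt(resolveTxt, name, expected, opts = {}) {
  const { retries = 30, delayMs = 10000, sleep = defaultSleep } = opts;
  for (let attempt = 1; attempt <= retries; attempt++) {
    let err = null;
    let records = null;
    try {
      records = await resolveTxt(name);
    } catch (e) {
      err = e;
    }
    const state = classifyLookup(err, records, expected);
    if (state === 'propagated') return { ok: true, attempts: attempt };
    if (state === 'fatal') throw err; // e.g. a malformed name: retrying will not help
    if (attempt < retries) await sleep(delayMs);
  }
  return { ok: false, attempts: retries };
}

// Constructed stub resolver: fails with ENOTFOUND `failures` times,
// then returns a single TXT record holding `value`.
function makeStubResolver(failures, value) {
  let calls = 0;
  return async () => {
    calls += 1;
    if (calls <= failures) {
      const e = new Error('queryTxt ENOTFOUND (constructed)');
      e.code = 'ENOTFOUND';
      throw e;
    }
    return [[value]];
  };
}
```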