Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudflare-dns.com is too slow #3437

Closed
VityaSchel opened this issue Mar 4, 2021 · 9 comments
Closed

cloudflare-dns.com is too slow #3437

VityaSchel opened this issue Mar 4, 2021 · 9 comments

Comments

@VityaSchel
Copy link

When I issue new certificate, acme.sh request https://cloudflare-dns.com/dns-query?name=_acme-challenge.my.domain&type=TXT with curl. It takes about 15 minutes to get done for only 1 domain and after that acmesh throws some error in curl. I also tried to go to the cloudflare-dns.com manually from my PC browser and it won't load. Cloudflare Status says DNS lookup is operational in my region. Maybe switch to another dns lookup?
@Spinestars
Copy link

表示阿里云的国内服务器,这个地址现在不可访问了,导致证书check,一直报curl代理错误

@Neilpang
Copy link
Member

Neilpang commented Mar 5, 2021

https://github.com/acmesh-official/acme.sh/wiki/dnscheck

@rr307
Copy link

rr307 commented Mar 16, 2021

表示阿里云的国内服务器,这个地址现在不可访问了,导致证书check,一直报curl代理错误

解决了,编辑 acme.sh

替换这两个地方的代码
`
#domain, type
_ns_lookup_google() {
_cf_ld="$1"
_cf_ld_type="$2"
#_cf_ep="https://dns.google/resolve"
_cf_ep="https://dns.alidns.com/resolve"
_ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
}

_ns_lookup_cf() {
_cf_ld="$1"
_cf_ld_type="$2"
#_cf_ep="https://cloudflare-dns.com/dns-query"
_cf_ep="https://doh.pub/dns-query"
_ns_lookup_impl "$_cf_ep" "$_cf_ld" "$_cf_ld_type"
}
`

@NullYing
Copy link

NullYing commented Apr 9, 2021
edited
Loading

https://github.com/acmesh-official/acme.sh/wiki/dnscheck

加dnssleep 300成功,但https://acme-v02.api.letsencrypt.org访问不了

@marcoczen
Copy link

marcoczen commented Apr 14, 2021
edited
Loading

Hi ... in cron, where do we add option --dnssleep 300

In crontab ( crontab -l ) i have ;

19 0 * * * "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh" > /dev/null

Or do we have to re-request the certs manually and follow through ?

@marcoczen
Copy link

Partial answer recived at ;

#3484

@jwomackgsa
Copy link

jwomackgsa commented Apr 23, 2021
edited
Loading

Possible to add a command line override to point to the DNS server of your choice? I currently have to use the dnssleep option when we run acme.sh against our internal ACME RA and internal dns as the public DNS is unaware and usually the server running the client can't even reach the internet. If we could add like --dnscheck-server mydns.internal then I could still get the benefit of the client side validation / propagation with internal DNS.

@Neilpang
Copy link
Member

Neilpang commented May 3, 2021

@jwomackgsa

If we could add like --dnscheck-server mydns.internal then I could still get the benefit o

No, please use --dnssleep, it's the best for you.

@Neilpang Neilpang closed this as completed May 3, 2021
@Neilpang
Copy link
Member

Neilpang commented May 3, 2021

请查看这个 issue:
#3487

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@Spinestars @Neilpang @NullYing @marcoczen @jwomackgsa @VityaSchel @rr307