I might be misunderstanding this discussion, but the propagation check is resolving <something>.acme-dns.io
because certmagic
is following a CNAME
record (as it should):
_acme-challenge.sa.see.trosint.ovh. 3600 IN CNAME 3b13c262-628e-4576-8a38-3b5f52a77896.auth.acme-dns.io.
Not because of something specific that acmedns
plugin does. Relevant certmagic code.
But I think @Hendrik_Visage has a problem with the fact that certmagic
sends a DNS query to ns.auth.acme-dns.io
authoritative nameservers directly instead of getting the TXT record from their DNS server. If I read the code correctly, certmagic
tries to follow CNAME
records when first attempt to fetch the TXT from the default DNS servers fails: code here.
@Hendrik_Visage , could you try restarting Caddy (forcing it to try to get a certificate) and then running
dig _acme-challenge.sa.see.trosint.ovh -t TXT
Does it find any TXT records?