What happened?
Just started out with Cosmos, I like the onboarding. I set up the DNS challenge for Cloudflare + Wildcard certificate.
But then comes the issue. I want to use Cosmos in a private network. Additionally, the private network is forced to use NextDNS. I think this causes some problems with DNS-Lookup/DNSSEC (most likely because of CNAME Flattening).
What should have happened?
Add an additional field for a DNS which is used for the LetsEncrypt lookups only. Caddy does something similar with 'resolvers' in the tls directive.
How to reproduce the bug?
- Onboard in a private network which forces NextDNS + CNAME Flattening
- DNSSEC fails
- No Certificates
Relevant log output
2023/07/08 03:05:47 [ERROR] LETSENCRYPT_OBTAIN : error: one or more domains had a problem:
[schmu.li] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: looking up A for <DOMAIN>: DNSSEC: RRSIGs Missing; DNS problem: looking up AAAA for <DOMAIN>: DNSSEC: RRSIGs Missing
2023/07/08 03:05:47 [ERROR] Getting TLS certificate. Fallback to SELFSIGNED certificates :
Other details
No response
System details
Cosmos:latest