DNS challenge with godaddy => could not determine authoritative nameservers

edit: I'm 99% certain this is a problem with godaddy as a provider. It worked with route53. And to answer the DNS entry question: it seems there are no records added except for what's need for the acme validation. Please correct me if I'm wrong.

I had detailed everything before: silly bug report on github

The response I got was that the domain was wrong but that's because I edited out the real domain that I'm trying to use. The problem happens even with a domain that works with dig.

Looking at other tutorials around the internet I can only find examples for traefik 1.x and it seems there were significant changes (I'm not using a traefik.toml atm?!?).

Since I'm trying to run the exact example from the documentation I'm surprised it's not working.

I get the same results whether I manually add a dns entry for the subdomain that I'm trying to use or not. I was hoping that traefik would create the dns entry. Is it supposed to do that with this method?

When I go into the traefik container and run dig there is no problem. I'd really appreciate some hints.


# Logs
"Configuration received from provider docker: {\"http\":{\"routers\":{\"whoami\":{\"entryPoints\":[\"websecure\"],\"service\":\"whoami-playtime\",\"rule\":\"Host(`whoami.domain.net`)\",\"tls\":{\"certResolver\":\"mydnschallenge\"}}},\"services\":{\"whoami-playtime\":{\"loadBalancer\":{\"servers\":[{\"url\":\"\"}],\"passHostHeader\":true}}}},\"tcp\":{}}" providerName=docker
"Creating middleware" middlewareName=pipelining middlewareType=Pipelining serviceName=whoami-playtime entryPointName=websecure routerName=whoami@docker
"Creating load-balancer" routerName=whoami@docker serviceName=whoami-playtime entryPointName=websecure
"Creating server 0" serviceName=whoami-playtime entryPointName=websecure routerName=whoami@docker serverName=0
"Added outgoing tracing middleware whoami-playtime" middlewareName=tracing middlewareType=TracingForwarder routerName=whoami@docker entryPointName=websecure
"Creating middleware" entryPointName=websecure middlewareName=traefik-internal-recovery middlewareType=Recovery
"No default certificate, generating one"
"Try to challenge certificate for domain [whoami.domain.net] founded in HostSNI rule" providerName=mydnschallenge.acme routerName=whoami rule="Host(`whoami.domain.net`)"
"Looking for provided certificate(s) to validate [\"whoami.domain.net\"]..." rule="Host(`whoami.domain.net`)" providerName=mydnschallenge.acme routerName=whoami
"Domains [\"whoami.domain.net\"] need ACME certificates generation for domains \"whoami.domain.net\"." providerName=mydnschallenge.acme routerName=whoami rule="Host(`whoami.domain.net`)"
"Loading ACME certificates [whoami.domain.net]..." providerName=mydnschallenge.acme routerName=whoami rule="Host(`whoami.domain.net`)"
"Building ACME client..." providerName=mydnschallenge.acme
"https://acme-staging-v02.api.letsencrypt.org/directory" providerName=mydnschallenge.acme
"Using DNS Challenge provider: godaddy" providerName=mydnschallenge.acme
"legolog: [INFO] [whoami.domain.net] acme: Obtaining bundled SAN certificate"
"legolog: [INFO] [whoami.domain.net] AuthURL: https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/11995534"
"legolog: [INFO] [whoami.domain.net] acme: Could not find solver for: tls-alpn-01"
"legolog: [INFO] [whoami.domain.net] acme: Could not find solver for: http-01"
"legolog: [INFO] [whoami.domain.net] acme: use dns-01 solver"
"legolog: [INFO] [whoami.domain.net] acme: Preparing to solve DNS-01"
"legolog: [INFO] [whoami.domain.net] acme: Trying to solve DNS-01"
"legolog: [INFO] [whoami.domain.net] acme: Checking DNS record propagation using []"
"legolog: [INFO] Wait for propagation [timeout: 2m0s, interval: 2s]"
"legolog: [INFO] [whoami.domain.net] acme: Waiting for DNS record propagation."
msg="Unable to obtain ACME certificate for domains \"whoami.domain.net\": unable to generate a certificate for the domains [whoami.domain.net]: acme: Error -> One or more domains had a problem:\n[whoami.domain.net] time limit exceeded: last error: could not determine authoritative nameservers\n" providerName=mydnschallenge.acme routerName=whoami rule="Host(`whoami.domain.net`)"
## docker-compose.yml
version: "3.3"


    image: "traefik:v2.0.1"
    container_name: "traefik"
      - "--log.level=DEBUG"
      - "--api.insecure=true"
      - "--providers.docker=true"
      - "--providers.docker.exposedbydefault=false"
      - "--entrypoints.web.address=:80"
      - "--entrypoints.websecure.address=:443"
      - "--certificatesresolvers.mydnschallenge.acme.dnschallenge=true"
      - "--certificatesresolvers.mydnschallenge.acme.dnschallenge.provider=godaddy"
      - "--certificatesresolvers.mydnschallenge.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
      - "--certificatesresolvers.mydnschallenge.acme.email=my@mail.org"
      - "--certificatesresolvers.mydnschallenge.acme.storage=/letsencrypt/acme.json"
      - "80:80"
      - "443:443"
      - "8080:8080"
      - "GODADDY_API_SECRET=secret"
      - "GODADDY_API_KEY=key"
      - "./letsencrypt:/letsencrypt"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"

    image: "containous/whoami"
    container_name: "simple-service"
      - "traefik.enable=true"
      - "traefik.http.routers.whoami.rule=Host(`whoami.domain.net`)"
      - "traefik.http.routers.whoami.entrypoints=websecure"
      - "traefik.http.routers.whoami.tls.certresolver=mydnschallenge"

did you ever get this to work?