Hi there,
I addition to our working httpChallenge setup with letsencrypt I am trying to get dnsChallenge working now. However, whatever I specify as TSIG_ALGORITHM triggers the following error:
level=error msg="Unable to obtain ACME certificate for domains \"example.com,*.example.com\":
unable to generate a certificate for the domains [*.example.com]: acme: Error -> One or more domains
had a problem:\n[*.example.com] [*.example.com acme: error presenting token: rfc2136: failed to insert:
DNS update failed: dns: bad key algorithm\n[example.com] [example.com] acme: error presenting token:
rfc2136: failed to insert: DNS update failed: dns: bad key algorithm\n" providerName=letsencrypt-
rfc2136.acme routerName=whoami@docker rule="Host(`example.com`, `*.example.com`)"
All tsig-related info is passed as environment variables via a docker-compose.yml file. I tried the following values for algorithm:
HMAC-MD5
HmacMD5
hmacmd5
HMAC_MD5
hmac-md5
but all I get is the error message stated above.
Grateful for any hints given
BTW: we use this mechnism on our own DNS-servers quite successfully by means of bind's nsupdate and some shell scripts.