Hello,
25.7.5 works very well, thanks a lot.
However, I have just noticed a problem:
In ACME, certificate renewal fails during IPV64 (DNS-01)
verification with the following error messages in the System-log:
AcmeClient: validation for certificate failed: xyz.ipv64.net
opnsenseAcmeClient: domain validation failed (dns01)
opnsenseAcmeClient: AcmeClient: The shell command returned exit code '1': ...
opnsenseAcmeClient: using challenge type: yxz-ipv64-validation
opnsenseAcmeClient: account config is valid (CERT_HOME): xyz-ipv64-account
opnsenseAcmeClient: account is registered: xyz-ipv64-account
opnsenseAcmeClient: using CA: letsencrypt
opnsenseAcmeClient: issue certificate: xyz.ipv64.net
In ACME-log:
acme.sh[Sun Oct 12 10:03:54 CEST 2025] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Please add '--debug' or '--log' to see more information.
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Error adding TXT record to domain: _acme-challenge.xyz.ipv64.net
acme.sh[Sun Oct 12 10:03:54 CEST 2025] invalid domain='_acme-challenge.xyz.ipv64.net'
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Adding TXT value: (Value for TXT record) for domain: _acme-challenge.xyz.ipv64.net
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Getting webroot for domain='*.xyz.ipv64.net'
acme.sh[Sun Oct 12 10:03:54 CEST 2025] Getting webroot for domain='xyz.ipv64.net'
acme.sh[Sun Oct 12 10:03:52 CEST 2025] Multi domain='DNS:xyz.ipv64.net,DNS:*.xyz.ipv64.net'
This is reproducable on serveral systems with 25.7.5 and different ipv64-domains.
On systems with <25.7.5 renewing works without any problem.
Do you have an idea ?
Thanks a lot.
Now it works. Seems that IPV64 changed something.