"
Ignore - it was the SAN thing again afterall!
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
General Discussion / Re: ACME Client With Cloudflare Invalid Domain Error
March 20, 2026, 04:00:17 PM #2
General Discussion / ACME Client With Cloudflare Invalid Domain Error
March 20, 2026, 02:03:43 PM
Can anybody help an advanced beginner with this quarter's ACME issue?
Last time my certificates needed renewing I managed to fix the error which seemed to be related to Subject Alternate Names but this time I don't have any SAN involved but am getting the Invalid Domain error using a DNS01 challenge type
I found one suggestion to amend /usr/local/share/examples/acme.sh/dnsapi/dns_cf.sh but that didn't help
Opnsense version is 26.1.4
Last time my certificates needed renewing I managed to fix the error which seemed to be related to Subject Alternate Names but this time I don't have any SAN involved but am getting the Invalid Domain error using a DNS01 challenge type
I found one suggestion to amend /usr/local/share/examples/acme.sh/dnsapi/dns_cf.sh but that didn't help
Opnsense version is 26.1.4
#3
25.7, 25.10 Series / Re: DNS Blocked by Default Rule
January 08, 2026, 04:55:05 PM
Thanks for the clarification Patrick.
#4
25.7, 25.10 Series / DNS Blocked by Default Rule
January 08, 2026, 04:31:07 PM
I have been searching for an answer as to why DNS requests to Unbound from a VLAN interface get blocked by the default deny/state violation rule, even though the source and destination IP's are on the same subnet
I seem to have to create a specific firewall rule to allow devices on the subnet to talk to the DNS server on their own gateway IP?
I seem to have to create a specific firewall rule to allow devices on the subnet to talk to the DNS server on their own gateway IP?
Pages1
