Let's Encrypt Certificate Validation timeout not being honored

[Kwolfe19]

So I've got Let's Encrypt configured with a validation method using DNS-01. I'm using NameSilo as my DNS provider and they only publish DNS records every 15 minutes. So I configured a timeout of 17 minutes (1020 seconds in Validation screen). When I look into the log files, I see this line:

Code Select Expand

Sleep 960 seconds for the txt records to take effect

Which is not 1020, that I expected.

Am I doing something wrong?

[Kwolfe19]

Ok, I see the problem in the code (or at least it seems to be a problem), where the timeout value is hardcoded to 960 in DnsNamesilo.php. I will open an issue for it.

Code Select Expand

class DnsNamesilo extends Base implements LeValidationInterface
{
    public function prepare()
    {
        $this->acme_env['Namesilo_Key'] = (string)$this->config->dns_namesilo_key;
        // Namesilo applies changes to DNS records only every 15 minutes.
        $this->acme_args[] = '--dnssleep 960';
    }
}

https://github.com/opnsense/plugins/blob/master/security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsNamesilo.php

[Kwolfe19]

I've filed this issue after looking at the code, in case anyone is interested...

https://github.com/opnsense/plugins/issues/2121