Hello,
I'm attempting to configure HAProxy & DPAPI (v3.3) for automatic certificate renewals via native ACME support and ran into the following error:
/var/log/dataplaneapi.log:
level=error msg="events: acme deploy: DNS solver: adding temporary record for zone \"mydomain.com.\": got error status: HTTP 400: [{Code:9021 Message:TTL must be between 60 and 86400 seconds, or 1 for Automatic. ErrorChain:[]}]
I have HAProxy configured as follows:
haproxy.cfg:
acme letsencrypt-prod
bits 2048
challenge DNS-01
contact myemail@example.org
directory https://acme-v02.api.letsencrypt.org/directory
keytype RSA
map virt@acme
provider-name cloudflare
acme-vars api_token=mytoken
Is there a way to override the TTL with which the TXT record is created? It seems like DPAPI is using a default TTL of 30 seconds but I'm not 100% certain. The minimum for Cloudflare appears to be 60 for non-enterprise customers.
Thank you!
Hello,
I'm attempting to configure HAProxy & DPAPI (v3.3) for automatic certificate renewals via native ACME support and ran into the following error:
I have HAProxy configured as follows:
Is there a way to override the TTL with which the TXT record is created? It seems like DPAPI is using a default TTL of 30 seconds but I'm not 100% certain. The minimum for Cloudflare appears to be 60 for non-enterprise customers.
Thank you!