On 26-06-2022 23:19, Mark Andrews wrote:
> The names of name servers need to follow the rules for hostnames.
> i.e. the labels are made up of letters, digits and hyphens (LDH).
> That means the name servers can’t live in the zone. There should be
> no A or AAAA records in the zone.
> Similarly there can’t be MX records as they also are restricted to
> LDH.

Thank you for clarifying. That helped me understand where I went wrong.

> Let’s Encrypt isn’t asking for exceptions to the rules. Your
> assumptions in your question are wrong. Check-names just stops people
> breaking the rules accidentally. If you saw instructions to set
> ‘check-names no;’ please go back and correct the instructions to say
> to use valid hostnames for the name servers.

I didn't mean to imply that Let's Encrypt is asking for exceptions.
And check-names did indeed prevent me from doing something stupid. I
found my mistake after re-reading the output I got from named-checkconf
and corrected it. It works now without check-names being modified.
The Let's Encrypt dns-01 challenge also succeeded.
-- Sandro
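
The hostname rule discussed in this thread, as an added example that is not part of either poster's message and is not BIND's own code: a simplified lint that flags records whose owner name or target breaks the LDH rule. The zone name and records are constructed, and the set of record types checked is an assumption modelled on what check-names covers.

```python
import re

# One hostname label: letters, digits, hyphens (LDH), 1-63 characters,
# not starting or ending with a hyphen.
LDH_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

# Record types whose owner name must be a hostname (assumption, see lead-in).
OWNER_CHECKED = {"A", "AAAA", "MX"}
# Record types whose RDATA carries a hostname, and the index of that
# whitespace-separated field (assumption, see lead-in).
TARGET_FIELD = {"NS": 0, "MX": 1, "SOA": 0, "SRV": 3}

def is_hostname(name):
    """True if every label of the absolute name is LDH."""
    labels = name.rstrip(".").split(".")
    return all(LDH_LABEL.fullmatch(label) for label in labels)

def lint_zone(records):
    """Return (type, where, name) for each name that is not a valid hostname."""
    findings = []
    for owner, rtype, rdata in records:
        if rtype in OWNER_CHECKED and not is_hostname(owner):
            findings.append((rtype, "owner", owner))
        if rtype in TARGET_FIELD:
            target = rdata.split()[TARGET_FIELD[rtype]]
            if not is_hostname(target):
                findings.append((rtype, "rdata", target))
    return findings

# Constructed sample: a delegated challenge zone whose name contains "_".
ZONE = [
    # Name server placed inside the zone: its name inherits the underscore.
    ("_acme-challenge.example.com.", "NS", "ns1._acme-challenge.example.com."),
    ("ns1._acme-challenge.example.com.", "A", "192.0.2.53"),
    # Name server outside the zone: a valid hostname.
    ("_acme-challenge.example.com.", "NS", "ns1.example.net."),
    # TXT owner names are not restricted to LDH, so the challenge record is fine.
    ("_acme-challenge.example.com.", "TXT", "constructed-token"),
    # MX owner names are restricted to LDH as well.
    ("_acme-challenge.example.com.", "MX", "10 mail.example.net."),
]

if __name__ == "__main__":
    for rtype, where, name in lint_zone(ZONE):
        print(f"{rtype}: {where} name {name} is not a valid hostname")
```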