Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

domain_name not given or empty #12

Open
huziahmetovsv opened this issue Nov 15, 2023 · 4 comments · May be fixed by #13
Open

domain_name not given or empty #12

huziahmetovsv opened this issue Nov 15, 2023 · 4 comments · May be fixed by #13

Comments

@huziahmetovsv
Copy link

huziahmetovsv commented Nov 15, 2023

Hi. Tryed to issue wildcard certificate with manifest:

- apiVersion: cert-manager.io/v1
      kind: Certificate
      metadata:
        name: wildcard-infra-example-com
      spec:
        secretName: wildcard-infra-example-com-secret
        issuerRef:
          name: regru-dns
          kind: ClusterIssuer
        dnsNames:
          - *.infra.example.com

But in pod log see url:
api.reg.ru/api/regru2/zone/add_txt?input_data=%7B%22username%22%3A%22my_regru_user%22%2C%22password%22%3A%22smy_regru_password%22%2C%22domains%22%3A%5B%7B%22dname%22%3A%22%22%7D%5D%2C%22subdomain%22%3A%22_acme-challenge.infra.example.com.%22%2C%22text%22%3A%22CIFuiEULSPsSYQIemqFM0-dAreebSWy-LdWUw_QoMzw%22%2C%22output_content_type%22%3A%22plain%22%7D&input_format=json

And error responce from api:

{
   "answer" : {
      "domains" : [
         {
            "error_code" : "NO_DOMAIN",
            "error_text" : "domain_name not given or empty",
            "result" : "error"
         }
      ]
   },
   "charset" : "utf-8",
   "messagestore" : null,
   "result" : "success"
}

As i understand, from api docs, my url format whong, it shoul be
api.reg.ru/api/regru2/zone/add_txt?input_data=%7B%22username%22%3A%22test%22%2C%22password%22%3A%22test%22%2C%22domains%22%3A%5B%7B%22dname%22%3A%22test.ru%22%7D%2C%7B%22dname%22%3A%22test.com%22%7D%5D%2C%22subdomain%22%3A%22mail%22%2C%22text%22%3A%22testmail%22%2C%22output_content_type%22%3A%22plain%22%7D&input_format=json

@c0rnoTa
Copy link
Contributor

c0rnoTa commented Nov 17, 2023

@huziahmetovsv
It could be wired with an issue, that issuer could not correctly detect the root zone of third-level domain, that should be used in API call. So, it's tried to receive NS zone for .infra.example.com. but you could have domain example.com in reg.ru account and no NS records exists for .infra.example.com.
It's not only about wildcards, but for any third-level domains. In my case, that was received in my system, reg.ru client produced a panic while trying to get zone non existing element of an array of domain part (devided by dots). I have made another version of dirty hack to mitigate this :)
Take a look on my fork https://github.com/c0rnoTa/cert-manager-webhook-regru
Version 1.1.5 should be useful in your case.

@c0rnoTa c0rnoTa linked a pull request Nov 17, 2023 that will close this issue
@huziahmetovsv
Copy link
Author

@huziahmetovsv It could be wired with an issue, that issuer could not correctly detect the root zone of third-level domain, that should be used in API call. So, it's tried to receive NS zone for .infra.example.com. but you could have domain example.com in reg.ru account and no NS records exists for .infra.example.com. It's not only about wildcards, but for any third-level domains. In my case, that was received in my system, reg.ru client produced a panic while trying to get zone non existing element of an array of domain part (devided by dots). I have made another version of dirty hack to mitigate this :) Take a look on my fork https://github.com/c0rnoTa/cert-manager-webhook-regru Version 1.1.5 should be useful in your case.

well, same behawor for example.com. But for example.com i have NS records

nslookup -q=ns example.com 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8#53

Non-authoritative answer:
example.com        nameserver = ns1.reg.ru.
example.com        nameserver = ns2.reg.ru.

How can i install your fork with helm?

@c0rnoTa
Copy link
Contributor

c0rnoTa commented Nov 18, 2023

@huziahmetovsv set issuer.image in values to ghcr.io/c0rnota/cluster-issuer-regru:1.1.5 and upgrade helm release in k8s

@huziahmetovsv
Copy link
Author

@huziahmetovsv set issuer.image in values to ghcr.io/c0rnota/cluster-issuer-regru:1.1.5 and upgrade helm release in k8s

Thank you, worked like charm for *.infra.example.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants