DNS records

VenkataBalakrishnaRavipati-0151 0 Reputation points
2024-03-17T18:59:55.46+00:00

PS /home/venkata> dig TXT _acme-challenge.hrtest1.57.151.50.191.nip.io

; <<>> DiG 9.16.44 <<>> TXT _acme-challenge.hrtest1.57.151.50.191.nip.io

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9924

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 1224

; COOKIE: 3ef96ae327c97627 (echoed)

;; QUESTION SECTION:

;_acme-challenge.hrtest1.57.151.50.191.nip.io. IN TXT

;; AUTHORITY SECTION:

_acme-challenge.hrtest1.57.151.50.191.nip.io. 300 IN SOA ns1.nip.io. hostmaster.nip.io. 5 10800 3600 604600 3600

;; Query time: 19 msec

;; SERVER: 168.63.129.16#53(168.63.129.16)

;; WHEN: Sun Mar 17 18:46:28 UTC 2024

;; MSG SIZE rcvd: 136

PS /home/venkata> nslookup -type=TXT _acme-challenge.hrtest1.57.151.50.191.nip.io

Server: 168.63.129.16

Address: 168.63.129.16#53

Non-authoritative answer:

*** Can't find _acme-challenge.hrtest1.57.151.50.191.nip.io: No answer

Authoritative answers can be found from:

_acme-challenge.hrtest1.57.151.50.191.nip.io

    origin = ns1.nip.io

    mail addr = hostmaster.nip.io

    serial = 5

    refresh = 10800

    retry = 3600

    expire = 604600

    minimum = 3600         
``` DNS query for the TXT record **`_acme-challenge.hrtest1.57.151.50.191.nip.io`** did not return any answer.
Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
597 questions
Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,144 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. TP 76,286 Reputation points
    2024-03-18T12:18:39.3933333+00:00

    Hi,

    Based on the output of dig and nslookup, there is no TXT record, which makes sense since nip.io doesn't allow you to create TXT records.

    In regards to the output you are seeing, both dig and nslookup are showing you the same information, it is just how they format it is different. For example, the dig line that says:

    flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1

    is telling you there was no answer to your specific query. This is equivalent to the nslookup line that says:

    *** Can't find _acme-challenge.hrtest1.57.151.50.191.nip.io: No answer

    Do you see what I mean? Both dig and nslookup told you the same thing--there was no answer to your query for a TXT record for _acme-challenge.hrtest1.57.151.50.191.nip.io.

    SOLUTIONS

    A) If you want to obtain a certificate for a nip.io dynamic FQDN you can instead use HTTP-01 challenge. With this challenge you place a file on your web server under /.well-known/acme-challenge/ folder. Let's Encrypt will make http request to your server to verify the file and then issue the certificate.

    B) Alternatively, you may be able to Add custom domain to your Azure VM (for free) and obtain certificate for that domain using HTTP-01 challenge technique I mentioned above. For example, you may choose yourazurevm.eastus.cloudapp.azure.com and you would obtain matching certificate.

    Please click Accept Answer and upvote if the above was helpful. If something I wrote above is unclear please add a comment below.

    Thanks.

    -TP