-
Adrien Dorsaz authored
This check use the DNS server defined in DNS section (Host setting). For each host, the script will : 1. push update to the DNS host 2. wait delay configured in seconds with parameter CheckChallengeDelay 3. ask the DNS host for TXT entries corresponding to the challenge 4. check if at least one entry corresponds to the key authorization * if there's one, let ask to the acme server to check themselves * if there's none: * wait 2 seconds and retry from step 3 (retry 10 times) 5. If after 10 retries nothing happend, stop with error So, we have this behavior: * if user knows its setup has no bottleneck and won't apply delay before checks, he sets CheckChallengeDelay to 0. * if user knows there's some bottleneck for DNS update, it can set CheckChallengeDelay to a specific amount of seconds In both case, the script will ensure it won't bother the ACME server with useless operations.
4ef84e71