Jump to content
ShoGinn

Unable to Provision SSL

6 posts in this topic Last Reply

Recommended Posts

Posted (edited)

Good Morning,

 

I had posted this under an old/dead topic, but decided to make my own.

 

When attempting to provision, it times out on the dnscheck portion of the provisioning (confirmed in Chrome developers tools).

 

The reason it is timing out is that the bf05e4cb8aef84d50409f158c245553ea429d50c.unraid.net is resolving an incorrect local address (confirmed by pinging it)

998665943_ScreenShot2019-03-16at7_10_12AM.png.684a26c60b2fe81d974170dfb010a768.png

970289974_ScreenShot2019-03-16at7_11_51AM.png.2a9cfa6adbc2e56c90f9b72ad3f70e7e.png

It throws the error that my router has DNS Rebinding protection.

 

I have updated my router (Ubiquiti USG) to include the proper settings (and I have confirmed them).

235579454_ScreenShot2019-03-16at7_19_46AM.png.37e3835613178f4aef22e3f75dea73c7.png

The address it is using was the original IP during setup (DHCP).

 

I am using a Trial key to test out Unraid.

 

Edited by ShoGinn

Share this post


Link to post

Please screenshot the setting in your router showing you have disabled that protection.

Sent from my Pixel 3 XL using Tapatalk

Share this post


Link to post

Hmm, doesn't look like it took. when you try to provision an SSL cert, unraid attempts a local connection to a DNS entry that points back to your local IP. If you are router prevents this due to DNS rebind being enabled you get the error.

Sent from my Pixel 3 XL using Tapatalk

Share this post


Link to post

@jonp yeah I have been trying to figure out how the Unraid hash is created. 

 

If you take my hash and do a nslookup it is not the 10.14.6.5. It is 10.14.6.174

 

my assumption is that this hash is created initially and is put into the a record on Unraid.net on first boot. 

 

I was able to get it to complete but only because I added the hash in my hosts file. 

 

 

Share this post


Link to post

Update:

 

Looks like today the hash has been updated in the Unraid dns servers.

 

So there must be a time limit ;)

 

I would still like to know the official stance from Unraid on the time limits etc on how it refreshes.

 

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now