Back to Changelog
v1.0.313
Fixed Let's Encrypt DNS-01 certificate issuance failing with NXDOMAIN for _acme-challenge records
Improvement
1- DNS-01 propagation now uses public resolvers (1.1.1.1:53, 8.8.8.8:53, 9.9.9.9:53) to check where the challenge TXT record actually lives
Bug Fixes
2- Fixed all Let's Encrypt DNS-01 certificate issuance (mail SSL and Cloudflare-DNS website SSL) failing with propagation: time limit exceeded ... returned NXDOMAIN for _acme-challenge
- The ACME propagation pre-check was resolving authoritative nameservers through the host's local BIND resolver, which shadows Cloudflare-hosted domains causing NXDOMAIN lookups