• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Forwarded to devs Unable to create NS records with underscores

M

mr-wolf

Silver Pleskian
Plesk Guru
User name: mr-wolf

TITLE

Unable to create NS records with underscores

PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE

Plesk Obsidian

PROBLEM DESCRIPTION

I need to create an NS-record with Plesk with the name _acme-challenge
This is not allowed by the interface nor the CLI


/usr/local/psa/bin/dns --add dummy.com -ns _acme-challenge -nameserver ns7.isp.com
Incorrect DNS Record parameter values were specified

I found out that Letsencrypt's protocol supports the delegation of subdomains and this will enable me to use Plesk's Letsencrypt wildcards without having (full) DNS control on the server that's running the website.

STEPS TO REPRODUCE

Create an NS-record with the name _acme-challenge

ACTUAL RESULT

An error message

"The specified domain name is not valid. You need to specify a valid domain name like domain.com. "

EXPECTED RESULT

The creation of the NS-record

ANY ADDITIONAL INFORMATION

Question - Wildcard certificates depend on DNS being installed

YOUR EXPECTATIONS FROM PLESK SERVICE TEAM

Confirm bug
 
BTW...

Also the DNS template needs to be able to create a _acme-challenge.<domain> NS-record
 
Thank you.
This issue is known as already submitted PPPM-9013
 
I'm running version 18.0.32 and this has still NOT been fixed.

I would expect that incorrect limitations that were explicitly written into your software by one of your programmers would get fixed immediately.

No-one, least of all we, asked for this limitation (prohibiting underscores).
It was wrongly assumed by your programmer and now we are stuck with that for the time being.
The only thing he needs to do is correct what he did wrong.

The same happened with SRV-records that were limited to only "TCP or UDP" for protocol by your programmer, when the whole idea of an SRV-record was that freedom. It was a limitation that he invented and was never proposed nor implied by the RFC's.
That bug was in Plesk for at least 6 years after I first reported it to you (reported it in 2008).

Later it was repeated with CNAMEs that were not allowed to have underscores.

Get it at least fixed in 6 months this time and check all the other types for a same "invented" limitation!
 
I don't think @ is valid.
It's used in some interfaces (not plesk) as a replacement for the current domain.

post what you think is a valid usage of @
 
mr-wolf said:
I don't think @ is valid.
It's used in some interfaces (not plesk) as a replacement for the current domain.

post what you think is a valid usage of @
Click to expand...
I've used it for years at 123-reg and most instructions I've seen for setting up DNS for other web hosts include it.

Here's a web page that explains what it does.
Wildcard '*' versus Exact Match '@' DNS records

From that page: "The prefix ‘@’ refers to the domain name itself -- it essentially means no prefix."

So, if Plesk understands a blank in the same way as an @ then I guess we don't need it, but since all the instructions I've ever seen say to use an @, it would be wise for Plesk to accept it and silently ignore it, or for the DNS management page to have a wee note that says a blank entry is the same as @

Plesk does accept the wildcard *
 
finbarr69 said:
I've used it for years at 123-reg and most instructions I've seen for setting up DNS for other web hosts include it.

Here's a web page that explains what it does.
Wildcard '*' versus Exact Match '@' DNS records

From that page: "The prefix ‘@’ refers to the domain name itself -- it essentially means no prefix."

So, if Plesk understands a blank in the same way as an @ then I guess we don't need it, but since all the instructions I've ever seen say to use an @, it would be wise for Plesk to accept it and silently ignore it, or for the DNS management page to have a wee note that says a blank entry is the same as @

Plesk does accept the wildcard *
Click to expand...
the page you're referring to is saying the same as what I did.
The "@" is merely a placeholder for a specific GUI or instruction. It will never be an actual part in the DNS itself.

Just like <domain> it's merely a placeholder. Some interfaces, like DirectAdmin, have chosen to make use of that placeholder, but the @ sign will not be written to the the DNS server's config.

This "@" problem, which is not a problem at all, is a misunderstanding of yours and has no bearing at all on this issue.
"@" is not a valid answer of a DNS server and a DNS client would not know what to do with it. It's an interface thing.

The issue for which I created this thread is about the inability of Plesk's interface to enter some fully valid entries into the DNS config. I need this to be fixed. For starters I need to wait 2 minutes for the cronjob I made to kick in. It is also too complicated for others to implement and they will therefore not be able to use a seperate DNS server and use wildcard certificates with letsencrypt.

I needed to write a script that writes these entries directly into the DNS configs which are read by the daemon "bind"
 
Last edited:
You must log in or register to reply here.

Similar threads

C
Unable to create A DNS record with underscore in Plesk: The specified domain name is not valid. You need to specify a valid domain name like domain.co
Replies
6
Views
2K
scsa20
scsa20
T
Resolved Lets Encrypt renewal - wildcard seems to want to use http challenge
Replies
2
Views
1K
TomBoB
T
WhiteTiger
Resolved How to assign Let's Encrypt certificate to two servers?
Replies
8
Views
1K
WhiteTiger
WhiteTiger
V
Question How to solve plesk and cloudflare ssl auto issue conflict
Replies
3
Views
1K
twebhosting
T
M
Issue Letsencrypt not automatically updating certificate
Replies
0
Views
771
mr-wolf
M
Back
Top