TXT record getting 600 TTL even when TTL is set to 90 in the API call TXT record getting 600 TT...

Topic: TXT record getting 600 TTL even when TTL is set to 90 in the API call

Post TXT record getting 600 TTL even when TTL is set to 90 in the API call
by guneves on vendredi 19 avril 2024

Hi, I was trying to create a letsencrypt certificate. To test, I first tried the staging server. I was monitoring the whole thing, and noticed that the new record was getting 600s TTL. Then that propagates and it takes from 10 to 20 minutes for you to be able to test it again, since the server it propagated to will wait that amount of time to fetch it again. Let'sEncrypt keeps getting the old TXT record and fails to authenticate the certificate. So, to be sure, you will need to wait more than 20 minutes to try again, or risk having yet another TXT record propagating before it can be reset.

Then I went to check the acme.sh dynu plugin and it is actually creating the TXT record with TTL set to 90, but the API uses 600 as TTL even with that set.

This makes the certificate process quite annoying, since you have to wait a lot of time to try again, instead of just a couple of minutes.

Here is the link to the dynu plugin
https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_dynu.sh

And here is the code that creates the TXT record (not the ttl set at then end).
```
_dynu_rest POST "dns/$dnsId/record" "{\"domainId\":\"$dnsId\",\"nodeName\":\"$_node\",\"recordType\":\"TXT\",\"textData\":\"$txtvalue\",\"state\":true,\"ttl\":90}"
```

Is TTL:90 too low? Why is it not being applied when the record is created? I even edited the record manually from the dynu interface and was able to change the TTL to 90, so it does not seem to be too low.

Reply with quote | Report
jeudi 23 mai 2024 20:28
Loading...