Core: DuckDNS Add-On - ERROR: Problem connecting to server (get for https://acme-v01.api.letsencrypt.org/directory; curl returned with 6)

You are getting CURLE_COULDNT_RESOLVE_HOST (6) error maybe there is some temporary downtime? Can you try again few times in 30 minutes intervals?

Hi....this is not due to downtime. It is most likely to do with the challenge set to https or tls sni that Lets Encrypt disabled. Can someone shed light on this issue?

Did you try again?
I've just added DuckDNS and get no errors. I'm on 0.61 but there was no changes in DuckDNS addon in latest releases.

starting version 3.2.2
Tue Jan 16 19:55:01 WET 2018: OK
XX.XXX.XXX.XX
NOCHANGE

Hi

Did you add DuckDns addon only or did you add LetscEncrypt addon also?

Do I have to create a cert using certbot or does DuckDns take care of all that automatically?

Thanks

Get Outlook for Androidhttps://aka.ms/ghei36

From: Rafał Trzewikowski
Sent: Wednesday, 17 January, 5:57 am
Subject: Re: [home-assistant/home-assistant] DuckDNS Add-On - ERROR: Problem connecting to server (get for https://acme-v01.api.letsencrypt.org/directory; curl returned with 6) (#11699)
To: home-assistant/home-assistant
Cc: automatemyhome, Author

Did you try again?
I've just added DuckDNS and get no errors. I'm on 0.61 but there was no changes in DuckDNS addon in latest releases.
starting version 3.2.2 Tue Jan 16 19:55:01 WET 2018: OK XX.XXX.XXX.XX NOCHANGE
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHubhttps://github.com/home-assistant/home-assistant/issues/11699#issuecomment-358085380, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AgS9BUNSaOO21Q6CAYcfBTRIsBLZZ6qGks5tLP8MgaJpZM4Rfsmf.

I have the same problem. I use DuckDNS addon. It worked till today.
Hassio 0.61.1. I upgraded two days ago. I have rebooted last night. I do not know if that has any relation. Ubuntu 16.04, hassio in a docker.
Ssh to hassio and confirmed that it can not resolve any name.

I think there is something wrong with duckdns.org as I cannot ping mydomain.duckdns.org but I can ping mydomain.ddns.net?

But then again I think the problem may be something to do with the challenge needs to be set to http. Can a developer who created DUCKDNS ADDON please have a look?

There were no changes in DuckDNS addon in at least 3 months. https://github.com/home-assistant/hassio-addons/tree/master/duckdns so that's not the issue. But I don't really know what could it be.

Thanks. It is possibly the lets encrypt part of the duckdns addon and the http/s challenge.

Just because there has been no change to duckdns addon does not mean that there is a problem outside duckdns addon.

Have you got https working with duckdns addon in docker?

I cannot ping mydomain.duckdns.org I have three all do not work inside or outside my network on different machines, that is a bit strange right

Can you ping duckdns.org itself? From the container? Can you try to tracert the address?

Will try tonight and report back.

Just tried to ping duckdns.org from a reputable app on my phone and immediately timed out !!

Can anyone else ping duckdns.org successfully? If so do you live in Australia on the Telstra network?

Do you have any internal DNS server configured that could have taken over the duckdns record ?

You should give Telstra a call then, they may be able to help.

I live in Spain and can not ping duckdns.org. Inside the container or outside.

Thanks for confirming the problem is global not isolated to my setup or Australia or Telstra. I have tried to ping duckdns.org completely outside my network on a fixed line network and using my mobile phone with timeout, this proves that there is a problem with duckdns.org unless they do not allow pings but I did a traceroute and that did not work either. I cannot believe that all people using duckdns.org for home assistant are not complaining? Next steps I suppose it to somehow contact duckdns.org to log issue?

I guess duckdns has icmp response disabled so you cant ping them from anywhere.
What error are you getting on ping? Can you show results of your tracert (from 3rd hop is OK)?

More importantly try to see if from your network you can access https://acme-v01.api.letsencrypt.org/directory as this is the error you're getting.

This is what I get with traceroute:

core-ssh:~# traceroute duckdns.org
traceroute to duckdns.org (52.43.51.114), 30 hops max, 46 byte packets
 1  homeassistant (172.30.32.1)  0.015 ms  0.012 ms  0.011 ms
 2  192.168.0.1 (192.168.0.1)  0.402 ms  0.268 ms  0.355 ms
 3  192.168.144.1 (192.168.144.1)  1.836 ms  1.627 ms  2.436 ms
 4  *  *  *
 5  158.red-81-46-66.customer.static.ccgg.telefonica.net (81.46.66.158)  3.648 ms  74.red-80-58-96.staticip.rima-tde.net (80.58.96.74)  2.241 ms  150.red-81-46-66.customer.static.ccgg.telefonica.net (81.46.66.150)  4.679 ms
 6  *  69.red-80-58-96.staticip.rima-tde.net (80.58.96.69)  3.765 ms  *
 7  ae0-400-grtmadno2.net.telefonicaglobalsolutions.com (213.140.51.56)  3.876 ms  ae-0-400-grtmadde3.net.telefonicaglobalsolutions.com (213.140.51.58)  3.629 ms  ae0-400-grtmadno2.net.telefonicaglobalsolutions.com (213.140.51.56)  3.172 ms
 8  5.53.7.204 (5.53.7.204)  3.257 ms  5.53.7.225 (5.53.7.225)  5.711 ms  5.53.7.204 (5.53.7.204)  10.249 ms
 9  5.53.7.204 (5.53.7.204)  4.786 ms  xe0-1-4-2-gramadix4.net.telefonicaglobalsolutions.com (213.140.49.156)  4.428 ms  5.53.7.204 (5.53.7.204)  4.767 ms
10  213.140.43.252 (213.140.43.252)  4.940 ms  84.16.14.8 (84.16.14.8)  6.119 ms  xe0-1-4-3-gramadix4.net.telefonicaglobalsolutions.com (213.140.49.158)  3.595 ms
11  94.142.107.37 (94.142.107.37)  39.726 ms  94.142.125.108 (94.142.125.108)  4.945 ms  94.142.97.138 (94.142.97.138)  4.746 ms
12  et-0-0-67.cr4-lax2.ip4.gtt.net (89.149.140.77)  187.695 ms  182.337 ms  94.142.107.37 (94.142.107.37)  4.312 ms
13  a100-gw.ip4.gtt.net (173.205.58.58)  164.060 ms  176.806 ms  175.235 ms
14  *  *  *
15  *  *  *
16  54.239.44.20 (54.239.44.20)  189.343 ms  *  *
17  *  *  *
18  52.93.14.33 (52.93.14.33)  191.811 ms  52.93.14.75 (52.93.14.75)  193.779 ms  52.93.14.248 (52.93.14.248)  193.777 ms
19  52.93.14.109 (52.93.14.109)  191.521 ms  52.93.14.110 (52.93.14.110)  195.794 ms  52.93.14.214 (52.93.14.214)  201.395 ms
20  52.93.14.216 (52.93.14.216)  199.119 ms  52.93.14.241 (52.93.14.241)  198.058 ms  52.93.15.251 (52.93.15.251)  198.318 ms
21  52.93.13.85 (52.93.13.85)  186.028 ms  52.93.15.249 (52.93.15.249)  191.723 ms  *
22  *  54.239.48.197 (54.239.48.197)  198.063 ms  *
23  *  *  *
24  *  *  *
25  *  *  *
26  *  *  *
27  *  *  *
28  *  *  *
29  *  *  *
30  *  *  *

This with ping to acme-v01.api.letsencrypt.org:

core-ssh:~# ping acme-v01.api.letsencrypt.org
PING acme-v01.api.letsencrypt.org (2.19.166.31): 56 data bytes
64 bytes from 2.19.166.31: seq=0 ttl=57 time=4.819 ms
64 bytes from 2.19.166.31: seq=1 ttl=57 time=4.642 ms
64 bytes from 2.19.166.31: seq=2 ttl=57 time=5.136 ms
64 bytes from 2.19.166.31: seq=3 ttl=57 time=4.352 ms
^C
--- acme-v01.api.letsencrypt.org ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 4.352/4.737/5.136 ms

And this fetching from there:

core-ssh:~# curl https://acme-v01.api.letsencrypt.org/directory
{
  "MUrfRKgyTY4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change",
  "meta": {
    "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf"
  },
  "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz",
  "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert",
  "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg",
  "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert"

This is the error showed at the DuckDNS addon logs:

starting version 3.2.2
# INFO: Using main config file /data/workdir/config
ERROR: Problem connecting to server (get for https://acme-v01.api.letsencrypt.org/directory; curl returned with 6)

Sorry for the confusion. My last posts have my hassio docker momentary configured with 8.8.8.8 as nameserver. After reboot, I get again 127.0.0.11 and it cannot resolve:

core-ssh:~# curl https://acme-v01.api.letsencrypt.org/directory
curl: (6) Could not resolve host: acme-v01.api.letsencrypt.org
core-ssh:~# traceroute duckdns.org
traceroute: bad address 'duckdns.org'

This is the result of this commands:

root@NUC:~# docker exec homeassistant cat /etc/resolv.conf
nameserver 172.30.32.2
options ndots:0
root@NUC:~# docker exec hassio_supervisor cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0

If I do this:

Create this file with the following contents to set two DNS, firstly your network’s DNS server, and secondly the Google DNS server to fall back to in case that server isn’t available:

/etc/docker/daemon.json:

{
“dns”: [“192.168.0.1”, “8.8.8.8”]
}
Then restart the docker service:

sudo service docker restart

Then, the DuckDNS addon starts and Letsencrytp is accessed properly, but the other addons break.

P.S.: I am running Hassio in a Ubuntu host.

Well, it seems like the reason have been found:
https://community.home-assistant.io/t/lets-encrypt-problem-connecting-to-server-get-for-https-acme-v01-api-letsencrypt-org-directory-curl-returned-with-6/39430/5
A solution like the one implemented by the developers of Linuxserver.io could be implemented in the DuckDNS addon?

Thanks for your patience.

Finally, this was a DNS issue. Sorry for the inconvenience.

I have this error on Home Assistant 0.64.1 and DuckDNS v3.2.4.

edit: still broken on HA 0.64.3

Same here, running hass.io on docker, it used to stop since the 20th Of February, I did not changed anything, I tried to downgrade an old working snapshot, tried a different duckdns domain, changed nat rules in router but still this error
Thanks

Any solution to this problem?

The HA component (https://www.home-assistant.io/components/duckdns/) works fine for me (this is not the Hass.io addon). It updates the duckdns dns record, but not the letsencrypt certificates.

Glad I found this thread. I'm running Hass.io in Docker on an Ubuntu 18.04 host (migrated over from a Pi which had no problems). Now, though, I have the same issue as others reported above. So it appears that Let's Encrypt disabled support for the tls/sni validation method used by the add-on that affects those of us with this type of Hass.io install. @tremebundo noted above that the folks at linuxserver.io have developed a way to change the validation method to another one that works. Curious if there are plans to work that in to a future version of this add-on or if anyone has found a different workaround?

In the meantime I am able to use the DuckDNS component to keep the DNS record updated, like @defcon84 suggested.... but I'd like to go SSL again at some point.

@mconnolly05 if you are using docker, just add this container to update your certificates.
https://hub.docker.com/r/linuxserver/letsencrypt/
This is what i do now.

None of the options above helped, this did though:

https://development.robinwinslow.uk/2016/06/23/fix-docker-networking-dns/

@Raspatat yeah, there are other threads with mixed solutions, some with symlinking resolv.conf, others thru port forwarding in router and docker, otheres create daemon.json but input their own dns IP's. In my case I had to input google's DNS primary and secondary, otherwise, letsencrypt would work but any other outward connection from other components wasn't resolved.

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment :+1:

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.

Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment :+1:

Hi,

I able to reproduce similar issue on this error.

My issues: https://github.com/home-assistant/home-assistant/issues/22024 & https://github.com/home-assistant/hassio-addons/issues/549

Could assist on this issue?

Thanks.

Getting it too, right now

I solved my issue by restarting duckdns docker container manually when it is down.

So far it is working fine.

Still an issue. Fresh installs of everything, and this still appears as a problem.

are you using Hassio over ubuntu?

Il giorno lun 15 apr 2019 alle ore 02:07 sethcohn notifications@github.com
ha scritto:

Still an issue. Fresh installs of everything, and this still appears as a
problem.

—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/home-assistant/home-assistant/issues/11699#issuecomment-483070509,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AMKyUMDWqEwVNTRJ4of1UO-xzFcTNeDNks5vg8KmgaJpZM4Rfsmf
.

--
Marco Paglioni
Telegram: @Kedryn - SKYPE: kedryn
PEC: [email protected]

Oh I'm sorry, meant to clarify:. HassOS latest stable 32 bit download on Raspberry PI 3, 32gb SD card.

I'm going to reset everything and try again.

@sethcohn I am facing the same issue.

I believe that in general HTTP/SSL are not working very well within my containers. I have failures connecting to : pushbullet and netatmo by example.

There hasn't been any activity on this issue recently. Due to the high number of incoming GitHub notifications, we have to clean some of the old issues, as many of them have already been resolved with the latest updates.
Please make sure to update to the latest Home Assistant version and check if that solves the issue. Let us know if that works for you by adding a comment 👍
This issue now has been marked as stale and will be closed if no further activity occurs. Thank you for your contributions.