Let's Encrypt DNS validation fails because it doesn't wait for zone transfers

My LetsEncrypt certs fail to renew because the script sets the DNS txt, but doesn't wait long enough for the zone to propagate through my slave servers. It would be nice if there was a configurable amount of time between when it updates the zone and when it requests the cert renewal.

Alternately, if the cert renewal fails, if it could just try again after some amount of time.


Fixed (pending)


That's odd, as currently Virtualmin waits for 10 seconds after applying the DNS changes to allow for propagation.

Does it take longer than this on your system?

Yeah, I'm using BuddyDNS for secondary servers and it can take a couple of minutes for all of their zones to update.

Hmm ... I'm not sure what we could do then that wouldn't make all DNS let's encrypt validation take a long time.

Well, the easiest solution would be to make the number of seconds configurable.

Fixed (pending)

Good idea, we'll do that in the next Webmin release.