Registration server setup

mstegeman · July 31, 2019, 6:50pm

I now get no results at all for $ dig +short NS synk.xyz

rajan.shah · August 1, 2019, 6:42am

that is because I get following error in registration server
Aug 01 06:40:42 Remote 172.253.2.2 wants ‘synk.xyz|NS’, do = 0, bufsize = 512: packetcache MISS
Aug 01 06:40:42 Exception building answer packet for synk.xyz/NS (Parsing record content (try ‘pdnsutil check-zone’): missing field at the end of record content ‘’) sending out servfail

looks like something wrong in pdns_server

mstegeman · August 1, 2019, 5:23pm

Is there any chance you’d be willing to give me temporary access to your server so that I can poke around and see what’s going on? If so, email me at mstegeman@mozilla.com and I can give you my SSH public key. Alternatively, you could email me a tarball of your entire config directory.

Isuru_Anuradha · March 11, 2020, 8:07pm

Im also having this problem. can you explain how you stetted up the DB ?

mstegeman · March 13, 2020, 6:16am

The database is created automatically when the Docker container first starts up.

Vivek_Sinha · April 17, 2020, 11:53am

Hi,
I’m setting up a mozilla registration server on kubernetes(aws eks) and i’m using the amazon load balancer instead of nginx reverse proxy, how should i use the acm certificate, where should i install it??

mstegeman · April 17, 2020, 3:58pm

I’m not sure the load balancer is going to serve you well, especially if you’re using multiple servers behind it. You need to have a way to route traffic to the proper back end in order to route through the tunnel.

Vivek_Sinha · May 5, 2020, 9:17am

hi,
Do you know how to create additional nameserver with custom domain name in AWS, i tried to add additional name server but it’s not working.

Vivek_Sinha · May 5, 2020, 2:46pm

2020-05-05 14:44:25.175 ERROR : Failed to generate certificate: Error: No TXT record found at _acme-challenge.domain.com(domain hidden)
at verifyFn (/home/node/mozilla-iot/gateway/node_modules/acme-client/src/client.js:386:23)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
at retryPromise (/home/node/mozilla-iot/gateway/node_modules/acme-client/src/util.js:23:22)
at /home/node/mozilla-iot/gateway/node_modules/acme-client/src/auto.js:124:13

i’m getting above error, can you tell me why it’s coming for let’s encrypt certificate

mstegeman · May 5, 2020, 7:01pm

Can you just point both NS records to the same IP address, i.e. to your registration server?

Vivek_Sinha · May 6, 2020, 5:41am

Hi,
I’ve created 4 name servers pointing to the same ip address. Still the issue is same.
Also i’ve kept my company certificate in the working environment which is of Digicert one but i’m getting the following error
Error: CAA record for gw.domain.com(domain name hidden) prevents issuance.

please suggest the solutions for the above.

mstegeman · May 6, 2020, 2:21pm

Is dig showing your proper NS records?

$ dig +short NS mozilla-iot.org
ns2.mozilla-iot.org.
ns1.mozilla-iot.org.