
The punycode domain name cannot apply for a TLS certificate through dns.providers.alidns #6905

Open
satel-global opened this issue Mar 17, 2025 · 3 comments
Labels
bug 🐞 Something isn't working

Comments

@satel-global

When I use the config below (original non-ASCII domain), Caddy will not use the DNS challenge but the HTTP challenge, which causes my application to fail...

NON-ASCII.com {
...
    tls {
        dns alidns {
            access_key_id xxxxxxxxxx
            access_key_secret xxxxxxxxxx
        }
    }
}

Log:
{"level":"info","ts":1742189665.757167,"msg":"trying to solve challenge","identifier":"xn--xxxxx.com","challenge_type":"http-01","ca":"https://acme-v02.api.letsencrypt.org/directory"}

When I use punycode, the Alibaba Cloud API does not seem to recognize this domain name:

xn--xxxxx.com {
...
    tls {
        dns alidns {
            access_key_id xxxxxxxxxx
            access_key_secret xxxxxxxxxx
        }
    }
}

Log:
{"level":"error","ts":1742191837.3605196,"logger":"tls.obtain","msg":"will retry","error":"[xn--xxxxx.com] Obtain: [xn--xxxxx.com] solving challenges: presenting for challenge: adding temporary record for zone \"xn--xxxxx.com.\": get error status: HTTP 400: The specified domain name does not exist. Refresh the page and try again. (order=https://acme-v02.api.letsencrypt.org/acme/order/2266125821/364411677956) (ca=https://acme-v02.api.letsencrypt.org/directory)","attempt":1,"retrying_in":60,"elapsed":3.200051829,"max_duration":2592000}

@mholt (Member) commented Mar 17, 2025

Have you tried running the latest commit from 3 days ago, perchance?

Likely by pure coincidence, I noticed a bug related to punycode last week and fixed it. The bug was when you used unicode domain names, the automation policies generated for them would be applied, which sounds like this:

> When I use the config below (original non-ASCII domain), Caddy will not use the DNS challenge but the HTTP challenge, which causes my application to fail...

(I was also debugging why a domain name was using the HTTP challenge instead of the DNS challenge when I had configured it in the Caddyfile!)

> When I use punycode, the Alibaba Cloud API does not seem to recognize this domain name

This may be a bug in the alidns DNS provider package; each API might have its own rules regarding unicode domain names. IMO they should all just use punycode, but if it still doesn't work after using the latest commit of Caddy, you might want to ask upstream in the alidns repo: https://github.com/libdns/alidns
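The following is an added illustration of the matching problem described in this thread, not code from Caddy or from the alidns provider. It assumes a hypothetical policy matcher (`select_challenge`, `subject_matches`) and a hypothetical log scanner (`find_challenge_mismatches`); the domain `bücher.com` / `xn--bcher-kva.com` is the standard IDNA example name and the sample log lines are constructed to mirror the shape of the log in the issue. It uses only the Python standard library, whose `idna` codec converts between the Unicode form (U-label) a person types into a config and the punycode form (A-label) that appears in the ACME order.

```python
"""Hypothetical example (not Caddy's code): a TLS automation policy written
for a Unicode host name silently misses the punycode (A-label) identifier
that ACME actually presents unless both sides are normalised first."""
import json

DEFAULT_CHALLENGE = "http-01"  # fallback when no configured policy matches


def to_alabel(name: str) -> str:
    """Canonical ASCII form: lowercase, no trailing dot, labels punycoded."""
    name = name.strip().rstrip(".").lower()
    return name.encode("idna").decode("ascii")


def to_ulabel(name: str) -> str:
    """Unicode form of the same name (what a human typed into the config)."""
    return to_alabel(name).encode("ascii").decode("idna")


def subject_matches(subject: str, identifier: str) -> bool:
    """Exact or single-label wildcard match, with both sides normalised."""
    subj, ident = to_alabel(subject), to_alabel(identifier)
    if subj == ident:
        return True
    if subj.startswith("*."):
        suffix = subj[1:]  # e.g. ".xn--bcher-kva.com"
        prefix = ident[: -len(suffix)] if ident.endswith(suffix) else None
        return bool(prefix) and "." not in prefix
    return False


def select_challenge(identifier: str, policies, normalise: bool = True) -> str:
    """Pick the challenge type for an ACME identifier.

    normalise=False reproduces the failure mode from the thread: the policy
    subject is compared as a raw string, so 'bücher.com' never equals the
    'xn--bcher-kva.com' identifier and the default HTTP-01 is used instead.
    """
    for policy in policies:
        for subject in policy["subjects"]:
            hit = subject_matches(subject, identifier) if normalise else subject == identifier
            if hit:
                return policy["challenge"]
    return DEFAULT_CHALLENGE


def find_challenge_mismatches(log_lines, policies):
    """Scan JSON log lines shaped like Caddy's 'trying to solve challenge'
    events and report identifiers whose challenge_type differs from what the
    normalised policy expects. Returns (identifier, logged, expected) tuples."""
    mismatches = []
    for line in log_lines:
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # not JSON, skip
        if rec.get("msg") != "trying to solve challenge":
            continue
        ident = rec["identifier"]
        expected = select_challenge(ident, policies)
        if rec.get("challenge_type") != expected:
            mismatches.append((ident, rec.get("challenge_type"), expected))
    return mismatches


# Constructed sample data (hypothetical domain), mirroring the issue's
# Caddyfile shape and log shape. Subjects are deliberately mixed-case/Unicode.
POLICIES = [{"subjects": ["Bücher.com", "*.bücher.com"], "challenge": "dns-01"}]
LOG_LINES = [
    '{"level":"info","msg":"trying to solve challenge","identifier":"xn--bcher-kva.com","challenge_type":"http-01"}',
    '{"level":"info","msg":"trying to solve challenge","identifier":"www.xn--bcher-kva.com","challenge_type":"dns-01"}',
    "not json at all",
]

if __name__ == "__main__":
    print(to_alabel("Bücher.com."), "<->", to_ulabel("xn--bcher-kva.com"))
    print("raw match  :", select_challenge("xn--bcher-kva.com", POLICIES, normalise=False))
    print("normalised :", select_challenge("xn--bcher-kva.com", POLICIES))
    for ident, got, want in find_challenge_mismatches(LOG_LINES, POLICIES):
        print(f"{ident}: log shows {got}, policy expects {want}")
```

The same two helpers give you both spellings of a zone name to try against a DNS provider API when it rejects one of them, as the `xn--xxxxx.com.` zone is rejected in the log above. One caveat: Python's built-in `idna` codec implements IDNA 2003, so a few characters (German ß, for example) map differently than under IDNA 2008; for everyday names the A-label is the same.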

@mholt mholt added the bug 🐞 Something isn't working label Mar 17, 2025
@satel-global (Author)

Yes, I installed the latest build via xcaddy yesterday and added this module:
https://github.com/caddy-dns/alidns

I can get my punycode domain name by running aliyun alidns DescribeDomains through the Alibaba Cloud CLI, but when I configure it in the Caddyfile, it reports the error HTTP 400: The specified domain name does not exist. Refresh the page and try again.

@mholt (Member) commented Mar 17, 2025

By default xcaddy uses the latest release, not the latest commit. Make sure you are on the latest by checking with the caddy version command after building. Use xcaddy build master --with github.com/caddy-dns/alidns, then run ./caddy version to verify.
