Rainer Meier

Actually just digged in the code in the hope to be able to override the check and found it in lib/Froxlor/Api/Commands/Domains.php:284. Turns out the check can be disabled also in settings. So I found the related switch in Settings -> SSL Settings => "Validate DNS of domains when using Let's Encrypt". Turn off this option and it will work.

I am also having some trouble to understand this. Actually my web server is on an internal network and there is a proxy/router/port-forwarder in front of it. So the public IP (listed in DNS A record) will never be assigned to the webserver. How does this prevent getting a let's encrypt certificate? As of my understanding it's a challange-response where let's encrypt is fetching some token from my webserver (which will work). Just Froxlor does not know the actual public IP. In my case it's even a dynamic IP so the DNS A record is changing every now and then.

I am using it regularly too. Meanwhile I was just sticking to the old version and thinking about my own overlay but I would rather prefer to get the builds from an official overlay. At least I didn't find any statement that it is deprecated or abandoned.