Merge branch 'dnsplugins' of https://github.com/Keyfactor/acme-provider-caplugin into dnsplugins

bhillkeyfactor · bhillkeyfactor · commit 87109d0e6824 · 2026-02-02T15:21:17.000-05:00
diff --git a/AcmeCaPlugin/AcmeCaPlugin.cs b/AcmeCaPlugin/AcmeCaPlugin.cs
@@ -560,7 +560,15 @@ private async Task ProcessAuthorizations(AcmeClient acmeClient, OrderDetails ord
                 pendingChallenges.Add((authz, challenge, validation, domainValidator));
             }
 
-            // Second pass: Wait for DNS propagation and submit challenges
+            // Wait for initial DNS propagation delay if configured
+            if (pendingChallenges.Count > 0 && config.DnsPropagationDelaySeconds > 0)
+            {
+                _logger.LogInformation("Waiting {DelaySeconds} seconds for DNS propagation before verification (configured delay)...",
+                    config.DnsPropagationDelaySeconds);
+                await Task.Delay(TimeSpan.FromSeconds(config.DnsPropagationDelaySeconds));
+            }
+
+            // Second pass: Verify DNS propagation and submit challenges
             foreach (var (authz, challenge, validation, validator) in pendingChallenges)
             {
                 // Skip external DNS verification for Infoblox since it cannot ping external DNS providers
diff --git a/AcmeCaPlugin/AcmeCaPluginConfig.cs b/AcmeCaPlugin/AcmeCaPluginConfig.cs
@@ -197,6 +197,13 @@ public static Dictionary<string, PropertyConfigInfo> GetPluginAnnotations()
                     Hidden = false,
                     DefaultValue = "",
                     Type = "String"
+                },
+                ["DnsPropagationDelaySeconds"] = new PropertyConfigInfo()
+                {
+                    Comments = "Time in seconds to wait after creating DNS records before checking propagation. Azure DNS typically needs 60-120 seconds, AWS Route53 needs 60 seconds. Set to 0 to skip the delay.",
+                    Hidden = false,
+                    DefaultValue = "60",
+                    Type = "Number"
                 }
 
                 //Infoblox DNS
diff --git a/AcmeCaPlugin/AcmeClientConfig.cs b/AcmeCaPlugin/AcmeClientConfig.cs
@@ -53,5 +53,9 @@ public class AcmeClientConfig
         // DNS Verification Settings
         public string DnsVerificationServer { get; set; } = null;
 
+        // DNS Propagation Delay (in seconds) - wait this long after creating DNS records before checking propagation
+        // Azure DNS typically needs 60-120 seconds, AWS Route53 needs 60 seconds
+        public int DnsPropagationDelaySeconds { get; set; } = 60;
+
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -53,5 +53,9 @@ public class AcmeClientConfig`
`53`	`53`	`// DNS Verification Settings`
`54`	`54`	`public string DnsVerificationServer { get; set; } = null;`
`55`	`55`
	`56`	`+ // DNS Propagation Delay (in seconds) - wait this long after creating DNS records before checking propagation`
	`57`	`+ // Azure DNS typically needs 60-120 seconds, AWS Route53 needs 60 seconds`
	`58`	`+ public int DnsPropagationDelaySeconds { get; set; } = 60;`
	`59`	`+`
`56`	`60`	`}`
`57`	`61`	`}`