Certificate issue for ip6.arpa

I own 1.9.8.0.b.0.f.1.0.7.4.0.1.0.0.2.ip6.arpa, and added it to cloudflare (which worked!) But the "Universal" certificate doesn't work, I guess google doesn't support ip6.arpa The backup certificate works though... But I cannot select it without paying apparently? Despite literally not having any other working certificate?
No description
No description
2 Replies
rymab
rymabOP3d ago
ooh okie i was able to make cloudflare generate a new ssl.com certificate just using the api haha
It's Always DNS
This is normal, and you're not going to be able to do what you're trying. Adding forward records (A / AAAA) to .arpa domains is a violation of RFC 3172, so most CAs will not issue certificates to ip6.arpa or in-addr.arpa domains. You can add these zones to Cloudflare, but it's intended for you to add PTR records for rDNS - not adding forward records. I've also noticed that for ip6.arpa domains, SSL.com will issue certificates, but this should be prevented like it is for in-addr.arpa - I'm guessing they haven't done it yet because this is a niche bug.

Did you find this page helpful?