Since today, this error has been displayed on several IPFire systems and no DDNS updates have been performed.
All providers are affected. freedns.afraid.org, Duck DNS, SPDYN, Selfhost.de, …
Thank you for support
Example log:
|13:35:03 |ddns[3891]: |DDNSCertificateError: Invalid certificate
|13:35:03 |ddns[3891]: |Dynamic DNS update for *** (freedns.afraid.org) failed:
|13:35:02 |ddns[3891]: |DDNSCertificateError: Invalid certificate
|13:35:02 |ddns[3891]: |Dynamic DNS update for *** (Duck DNS) failed:
|13:35:01 |ddns[3891]: |DDNSCertificateError: Invalid certificate
|13:35:01 |ddns[3891]: |Dynamic DNS update for *** (SPDYN) failed:
|13:35:01 |ddns[3891]: |DDNSCertificateError: Invalid certificate
|13:35:01 |ddns[3891]: |Dynamic DNS update for *** (Selfhost.de) failed:
Since today, I’ve been having problems with some DynDNS providers, such as Dynu and NoIP. The update fails with the message:
ddns DDNSCertificateError: Invalid certificate
ddns Dynamic DNS update for xyz.domain1.xxx (Dynu) failed
ddns DDNSCertificateError: Invalid certificate
ddns Dynamic DNS update for xyz.domain2.xxx (NoIP) failed:
This error appears every 5 minutes and no update is performed.
There’s not even an attempt to contact the DDNS provider.
It appears to be an internal issue and is independent of the IPFire version.
It seems to affect almost all DDNS providers!
The problem doesn’t seem to be with the update, but rather with verifying the IP address.
Interestingly, if you create a new domain, exactly one correct update occurs. After that, only the error occur every 5 minutes.
This uses an E6 Let’s Encrypt certificate that expired on June 17, 2025. Unfortunately, no additional server is configured by default for redundancy, so IPFire is dependent on this provider.
@bonnietwin
Since you moved my post, I can only edit it, not reply.
your post is unfortunately not true. The errror has nothing todo with the ddns server. Your dynu config works, while you are not using an external IP. Your IPFire Red Interface get the IP directly. That is another configuration
Jun 18 01:40:00 ipfire ddns[28698]: Dynamic DNS update for <mydomain.xxx> (Dynu) failed:
Jun 18 01:40:00 ipfire ddns[28698]: DDNSCertificateError: Invalid certificate
When I restart IPFire
Every 5 minutes and also when I try “Instant update” on the ddns.cgi page
Yes, everything is working flawlessly again.
Thank you very much !!!
However, it would be worth considering making such an important service redundant in IPFire. In the current configuration, all DDNS providers depend on the availability of this one server, and something like this can happen from time to time. And by enabling HTST, it was also difficult to circumvent.