DuckDNS DDNS Not running

Hi guys,

I follower the following infos to install DDNS with DuckDNS:
https://www.duckdns.org/install.jsp?tab=openwrt&domain=(YOUR DOMAIN HERE)
https://openwrt.org/docs/guide-user/services/ddns/duckdns

It looks like in the UI it gets the right IP, however it says status "not running" and if I click "Reload" it will give me "XHR request timed out"

I am confused, is DDNS working and updating the IP, or not.

I guess that it stays on "not running" and goes on running every X minutes

here is my config:

config ddns 'global'
        option ddns_dateformat '%F %R'
        option ddns_loglines '250'
        option ddns_rundir '/var/run/ddns'
        option ddns_logdir '/var/log/ddns'
        option use_curl '1'

config service 'duckdns'
        option enabled '1'
        option lookup_host 'JJJJJJJJJJJJ.duckdns.org'
        option use_ipv6 '0'
        option service_name 'duckdns.org'
        option domain 'JJJJJJJJJJJJ.duckdns.org'
        option username 'JJJJJJJJJJJJ'
        option password 'XXXXXXX-XXXXXXX-XXXXXX'
        option ip_source 'network'
        option use_syslog '2'
        option check_unit 'minutes'
        option force_unit 'minutes'
        option retry_unit 'seconds'

        option ip_network       "wan"
        option force_interval   "72"
        option force_unit       "hours"
        option check_interval   "10"
        option check_unit       "minutes"
        #option ip_source       "interface"
        #option ip_interface    "eth0.1"
        #option ip_source       "web"
        #option ip_url          "http://ipv4.wtfismyip.com/text"
        option update_url       "http://www.duckdns.org/update?domains=[USERNAME]&tok
        option use_https       "1"
        option cacert          "/etc/ssl/certs/cacert.pem"

and this is the log:

 023142       : verbose mode  : 0 - run normal, NO console output
 023142       : Detect current IP on 'network'
 023143       : Current IP 'XXXX.16' detected on network 'WAN'
 023143       : check interval: 600 seconds
 023144       : force interval: 259200 seconds
 023144       : retry interval: 60 seconds
 023144       : Force communication via device 'eth0.111'
 023144       : retry max count : 0 times
 023145       : 'SIGTERM' was send to old process
 023145  note : PID '10158' terminated by 'SIGTERM' at 2023-11-09 02:31
 023146       : last update: never
 023146       : Detect registered/public IP
 023146       : #> /usr/bin/nslookup XXXXXX.duckdns.org  >/var/run/ddns/duckdns.dat 2>/var/run/ddns/duckdns.err
 023147       : Registered IP 'XXXXXXXX.16' detected
 023147  info : Starting main loop at 2023-11-09 02:31
 023148       : Detect current IP on 'network'
 023148       : Current IP 'XXXXXXX.16' detected on network 'WAN'
 023148       : Forced Update - L: 'XXXXXX.16' == R: 'XXXXXXX.16'
 023148       : Force communication via device 'eth0.111'
 023149  WARN : No valid certificate(s) found at '/etc/ssl/certs/cacert.pem' for HTTPS communication - TERMINATE
 023149  WARN : PID '10293' exit WITH ERROR '1' at 2023-11-09 02:31

Try restarting your router. Does it updates the ip?

You have requested to use HTTPS, but the URL points to HTTP, and the script cannot find the file with the certificates. Try first to use HTTP; if that works, check the URL and the certificates file.

1 Like

Thank you so much for your help, I did lots of progress, now it runs but I get an error:

 011913 ERROR : cURL Error: '60'
 011913       : curl: (60) Cert verify failed: BADCERT_NOT_TRUSTED
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
 011914  WARN : Transfer failed - retry 1/0 in 60 seconds

I tried also this but I still get the error:

# curl --insecure https://certs.secureserver.net/repository/sf_bundle-g2.crt > /etc/ssl/certs/ca-bundle.pem

me too
I'm also confused on how this cert is supposed to work. I'm downloading the same cert as everyone else who uses DuckDNS?
Are they hosting their public cert on that website?
I followed these instructions to get the cert.

I would also like to add that if I turn off HTTPS it works perfectly. I have tried adding an "s" to the Http but it did no good.

I think I've got it working... The luci page says it's updating, but it's still giving me an "XHR request timeout". Unfortunately I changed a few things at the same time so I'm not positive which ones were necessary.
Two of things I had wrong were that there was an "Advanced" tab and I needed to enable cURL and point to the Certs directory

I also installed a few suggestions I saw in other posts. wget-ssl and I installed one of the CA services in addition to the other one. I'm sorry I thought OPKG had a log but I can't seem to find it.

As reference here is my full working config:

run this:

opkg update
opkg install ddns-scripts
opkg install curl
opkg install wget 
opkg install ca-certificates
opkg install ca-bundle
opkg install luci-app-ddns
mkdir -p /etc/ssl/certs
curl -k https://certs.secureserver.net/repository/sf_bundle-g2.crt >  /etc/ssl/certs/ca-bundle.pem

vi /etc/config/ddns

config ddns 'global'
        option ddns_dateformat '%F %R'
        option ddns_loglines '250'
        option ddns_rundir '/var/run/ddns'
        option ddns_logdir '/var/log/ddns'
        option use_curl '1'
        option cacert '/etc/ssl/certs/'

config service 'duckdns'
        option enabled '1'
        option lookup_host 'XXXXXX.duckdns.org'
        option use_ipv6 '0'
        option service_name 'duckdns.org'
        option domain 'XXXXXX.duckdns.org'
        option username 'XXXXX'
        option password 'XXXXXXXXX'
        option ip_source 'network'
        option use_syslog '2'
        option check_unit 'minutes'
        option force_unit 'hours'
        option retry_unit 'seconds'
        option force_interval '72'
        option check_interval '5'
        option interface 'WAN'
        option ip_network 'WAN'
        option use_https '1'
        option cacert '/etc/ssl/certs/'
1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.