When I use the DNS challenge to request a cert for a FQDN that's a CNAME, I get the following. Assume iamacname.example.com is a CNAME for www.example.com
2016/02/01 13:06:25 [INFO][iamacname.example.com] acme: Obtaining bundled SAN certificate
2016/02/01 13:06:25 [INFO][iamacname.example.com] acme: Trying to solve DNS-01
2016/02/01 13:06:25 [INFO] acme: Please create the following TXT record in your DNS zone:
2016/02/01 13:06:25 [INFO] acme: _acme-challenge.iamacname.example.com. 120 IN TXT "U4BJAr7Mg1x2BSdYWeCDLvWSYPkj14XR3uohxan1_RU"
2016/02/01 13:06:25 [INFO] acme: Press 'Enter' when you are done
2016/02/01 13:06:25 [INFO] acme: You can now remove this TXT record from your DNS zone:
2016/02/01 13:06:25 [INFO] acme: _acme-challenge.iamacname.example.com. 120 IN TXT "..."
panic: interface conversion: dns.RR is *dns.CNAME, not *dns.SOA
goroutine 1 [running]:
github.com/xenolf/lego/acme.checkDNS(0x7ffcb3f28514, 0x13, 0xc820424690, 0x24, 0xc820424690)
/home/happy/x/src/github.com/xenolf/lego/acme/dns_challenge.go:82 +0x355
github.com/xenolf/lego/acme.(*dnsChallenge).Solve(0xc82011c240, 0x0, 0x0, 0xc820432180, 0x6, 0xc820432190, 0x7, 0xc8203500e0, 0x68, 0xc8204240c0, ...)
/home/happy/x/src/github.com/xenolf/lego/acme/dns_challenge.go:65 +0x5a6
github.com/xenolf/lego/acme.(*Client).solveChallenges(0xc820126080, 0xc82000a300, 0x1, 0x1, 0xc82000a300)
/home/happy/x/src/github.com/xenolf/lego/acme/client.go:369 +0x250
github.com/xenolf/lego/acme.(*Client).ObtainCertificate(0xc820126080, 0xc820013990, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/home/happy/x/src/github.com/xenolf/lego/acme/client.go:227 +0x25b
main.run(0xc8200dc240)
/home/happy/x/src/github.com/xenolf/lego/cli_handlers.go:174 +0x173f
github.com/codegangsta/cli.Command.Run(0x9412b0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9dbd80, 0x3a, 0x0, ...)
/home/happy/x/src/github.com/codegangsta/cli/command.go:163 +0x131d
github.com/codegangsta/cli.(*App).Run(0xc82008fe60, 0xc82000a0c0, 0xc, 0xc, 0x0, 0x0)
/home/happy/x/src/github.com/codegangsta/cli/app.go:179 +0x1169
main.main()
/home/happy/x/src/github.com/xenolf/lego/cli.go:126 +0x106f
goroutine 17 [syscall, locked to thread]:
runtime.goexit()
/usr/lib/go/src/runtime/asm_amd64.s:1696 +0x1
goroutine 9 [IO wait]:
net.runtime_pollWait(0x7f8f324ee000, 0x72, 0xc820012270)
/usr/lib/go/src/runtime/netpoll.go:157 +0x60
net.(*pollDesc).Wait(0xc820128060, 0x72, 0x0, 0x0)
/usr/lib/go/src/net/fd_poll_runtime.go:73 +0x3a
net.(*pollDesc).WaitRead(0xc820128060, 0x0, 0x0)
/usr/lib/go/src/net/fd_poll_runtime.go:78 +0x36
net.(*netFD).Read(0xc820128000, 0xc82031c000, 0x800, 0x800, 0x0, 0x7f8f34652050, 0xc820012270)
/usr/lib/go/src/net/fd_unix.go:232 +0x23a
net.(*conn).Read(0xc820030080, 0xc82031c000, 0x800, 0x800, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/net.go:172 +0xe4
crypto/tls.(*block).readFromUntil(0xc8201123f0, 0x7f8f34656b50, 0xc820030080, 0x5, 0x0, 0x0)
/usr/lib/go/src/crypto/tls/conn.go:455 +0xcc
crypto/tls.(*Conn).readRecord(0xc8200d4840, 0xa14117, 0x0, 0x0)
/usr/lib/go/src/crypto/tls/conn.go:540 +0x2d1
crypto/tls.(*Conn).Read(0xc8200d4840, 0xc820188000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/crypto/tls/conn.go:901 +0x167
net/http.noteEOFReader.Read(0x7f8f34663308, 0xc8200d4840, 0xc8200e67e8, 0xc820188000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/lib/go/src/net/http/transport.go:1370 +0x67
net/http.(*noteEOFReader).Read(0xc82044a700, 0xc820188000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
<autogenerated>:126 +0xd0
bufio.(*Reader).fill(0xc8203ecfc0)
/usr/lib/go/src/bufio/bufio.go:97 +0x1e9
bufio.(*Reader).Peek(0xc8203ecfc0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/lib/go/src/bufio/bufio.go:132 +0xcc
net/http.(*persistConn).readLoop(0xc8200e6790)
/usr/lib/go/src/net/http/transport.go:876 +0xf7
created by net/http.(*Transport).dialConn
/usr/lib/go/src/net/http/transport.go:685 +0xc78
goroutine 10 [select]:
net/http.(*persistConn).writeLoop(0xc8200e6790)
/usr/lib/go/src/net/http/transport.go:1009 +0x40c
created by net/http.(*Transport).dialConn
/usr/lib/go/src/net/http/transport.go:686 +0xc9d