chore: replace GetRecord by GetChallengeInfo (#1863)

2023-03-07 09:39:05 +01:00 · 2023-03-07 09:39:05 +01:00 · e638d79643
commit e638d79643
parent 2c9f6b19dd
122 changed files with 930 additions and 904 deletions
--- a/challenge/dns01/dns_challenge.go
+++ b/challenge/dns01/dns_challenge.go
@ -114,7 +114,7 @@ func (c *Challenge) Solve(authz acme.Authorization) error {
 		return err
 	}
-	fqdn, value := GetRecord(authz.Identifier.Value, keyAuth)
+	info := GetChallengeInfo(authz.Identifier.Value, keyAuth)
 	var timeout, interval time.Duration
 	switch provider := c.provider.(type) {
@ -129,7 +129,7 @@ func (c *Challenge) Solve(authz acme.Authorization) error {
 	time.Sleep(interval)
 	err = wait.For("propagation", timeout, interval, func() (bool, error) {
-		stop, errP := c.preCheck.call(domain, fqdn, value)
+		stop, errP := c.preCheck.call(domain, info.EffectiveFQDN, info.Value)
 		if !stop || errP != nil {
 			log.Infof("[%s] acme: Waiting for DNS record propagation.", domain)
 		}
@ -172,20 +172,44 @@ type sequential interface {
 }
 // GetRecord returns a DNS record which will fulfill the `dns-01` challenge.
 // Deprecated: use GetChallengeInfo instead.
 func GetRecord(domain, keyAuth string) (fqdn, value string) {
-	keyAuthShaBytes := sha256.Sum256([]byte(keyAuth))
+	info := GetChallengeInfo(domain, keyAuth)
 	// base64URL encoding without padding
 	value = base64.RawURLEncoding.EncodeToString(keyAuthShaBytes[:sha256.Size])
-	fqdn = getChallengeFqdn(domain)
+	return info.EffectiveFQDN, info.Value
 	return
 }
-func getChallengeFqdn(domain string) string {
+// ChallengeInfo contains the information use to create the TXT record.
 type ChallengeInfo struct {
 	// FQDN is the full-qualified challenge domain (i.e. `_acme-challenge.[domain].`)
 	FQDN string
 	// EffectiveFQDN contains the resulting FQDN after the CNAMEs resolutions.
 	EffectiveFQDN string
 	// Value contains the value for the TXT record.
 	Value string
 }
 // GetChallengeInfo returns information used to create a DNS record which will fulfill the `dns-01` challenge.
 func GetChallengeInfo(domain, keyAuth string) ChallengeInfo {
 	keyAuthShaBytes := sha256.Sum256([]byte(keyAuth))
 	// base64URL encoding without padding
 	value := base64.RawURLEncoding.EncodeToString(keyAuthShaBytes[:sha256.Size])
 	ok, _ := strconv.ParseBool(os.Getenv("LEGO_DISABLE_CNAME_SUPPORT"))
 	return ChallengeInfo{
 		Value:         value,
 		FQDN:          getChallengeFQDN(domain, false),
 		EffectiveFQDN: getChallengeFQDN(domain, !ok),
 	}
 }
 func getChallengeFQDN(domain string, followCNAME bool) string {
 	fqdn := fmt.Sprintf("_acme-challenge.%s.", domain)
-	if ok, _ := strconv.ParseBool(os.Getenv("LEGO_DISABLE_CNAME_SUPPORT")); ok {
+	if !followCNAME {
 		return fqdn
 	}
--- a/challenge/dns01/dns_challenge_manual.go
+++ b/challenge/dns01/dns_challenge_manual.go
@ -21,15 +21,15 @@ func NewDNSProviderManual() (*DNSProviderManual, error) {
 // Present prints instructions for manually creating the TXT record.
 func (*DNSProviderManual) Present(domain, token, keyAuth string) error {
-	fqdn, value := GetRecord(domain, keyAuth)
+	info := GetChallengeInfo(domain, keyAuth)
-	authZone, err := FindZoneByFqdn(fqdn)
+	authZone, err := FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
 	fmt.Printf("lego: Please create the following TXT record in your %s zone:\n", authZone)
-	fmt.Printf(dnsTemplate+"\n", fqdn, DefaultTTL, value)
+	fmt.Printf(dnsTemplate+"\n", info.EffectiveFQDN, DefaultTTL, info.Value)
 	fmt.Printf("lego: Press 'Enter' when you are done\n")
 	_, err = bufio.NewReader(os.Stdin).ReadBytes('\n')
@ -39,15 +39,15 @@ func (*DNSProviderManual) Present(domain, token, keyAuth string) error {
 // CleanUp prints instructions for manually removing the TXT record.
 func (*DNSProviderManual) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := GetRecord(domain, keyAuth)
+	info := GetChallengeInfo(domain, keyAuth)
-	authZone, err := FindZoneByFqdn(fqdn)
+	authZone, err := FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
 	fmt.Printf("lego: You can now remove this TXT record from your %s zone:\n", authZone)
-	fmt.Printf(dnsTemplate+"\n", fqdn, DefaultTTL, "...")
+	fmt.Printf(dnsTemplate+"\n", info.EffectiveFQDN, DefaultTTL, "...")
 	return nil
 }
--- a/docs/content/usage/library/Writing-a-Challenge-Solver.md
+++ b/docs/content/usage/library/Writing-a-Challenge-Solver.md
@ -59,15 +59,16 @@ For DNS-01, we'll just use `domain` and `keyAuth`.
 ```go
 func (d *DNSProviderBestDNS) Present(domain, token, keyAuth string) error {
-    fqdn, value := dns01.GetRecord(domain, keyAuth)
+    info := dns01.GetChallengeInfo(domain, keyAuth)
    // make API request to set a TXT record on fqdn with value and TTL
    return nil
 }
 ```
-After calling `dns01.GetRecord(domain, keyAuth)`, we now have the information we need to make our API request and set the TXT record:
+After calling `dns01.GetChallengeInfo(domain, keyAuth)`, we now have the information we need to make our API request and set the TXT record:
- `fqdn` is the fully qualified domain name on which to set the TXT record.
+- `FQDN` is the fully qualified domain name on which to set the TXT record.
- `value` is the record's value to set on the record.
+- `EffectiveFQDN` is the fully qualified domain name after the CNAMEs resolutions on which to set the TXT record.
 - `Value` is the record's value to set on the record.
 So then you make an API request to the DNS service according to their docs.
 Once the TXT record is set on the domain, you may return and the challenge will proceed.
--- a/providers/dns/acmedns/acmedns.go
+++ b/providers/dns/acmedns/acmedns.go
@ -103,28 +103,23 @@ func (e ErrCNAMERequired) Error() string {
 // This will halt issuance and indicate to the user that a one-time manual setup is required for the domain.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 	// Compute the challenge response FQDN and TXT value for the domain based on the keyAuth.
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	effectiveDomain := domain
 	if isCNAME(domain, fqdn) {
 		effectiveDomain = fqdn
 	}
 	// Check if credentials were previously saved for this domain.
-	account, err := d.storage.Fetch(effectiveDomain)
+	account, err := d.storage.Fetch(domain)
 	if err != nil {
 		if errors.Is(err, goacmedns.ErrDomainNotFound) {
 			// The account did not exist.
 			// Create a new one and return an error indicating the required one-time manual CNAME setup.
-			return d.register(effectiveDomain, fqdn)
+			return d.register(domain, info.FQDN)
 		}
-		// Errors other than goacmeDNS.ErrDomainNotFound are unexpected.
+		// Errors other than goacmedns.ErrDomainNotFound are unexpected.
 		return err
 	}
 	// Update the acme-dns TXT record.
-	return d.client.UpdateTXTRecord(account, value)
+	return d.client.UpdateTXTRecord(account, info.Value)
 }
 // CleanUp removes the record matching the specified parameters. It is not
@ -165,7 +160,3 @@ func (d *DNSProvider) register(domain, fqdn string) error {
 		Target: newAcct.FullDomain,
 	}
 }
 func isCNAME(domain, fqdn string) bool {
 	return fmt.Sprintf("_acme-challenge.%s.", domain) != fqdn
 }
--- a/providers/dns/alidns/alidns.go
+++ b/providers/dns/alidns/alidns.go
@ -129,14 +129,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := d.getHostedZone(fqdn)
+	zoneName, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("alicloud: %w", err)
 	}
-	recordAttributes, err := d.newTxtRecord(zoneName, fqdn, value)
+	recordAttributes, err := d.newTxtRecord(zoneName, info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return err
 	}
@ -150,14 +150,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	records, err := d.findTxtRecords(fqdn)
+	records, err := d.findTxtRecords(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("alicloud: %w", err)
 	}
-	_, err = d.getHostedZone(fqdn)
+	_, err = d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("alicloud: %w", err)
 	}
--- a/providers/dns/allinkl/allinkl.go
+++ b/providers/dns/allinkl/allinkl.go
@ -101,9 +101,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("allinkl: could not determine zone for domain %q: %w", domain, err)
 	}
@ -113,7 +113,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("allinkl: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("allinkl: %w", err)
 	}
@ -122,7 +122,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		ZoneHost:   authZone,
 		RecordType: "TXT",
 		RecordName: subDomain,
-		RecordData: value,
+		RecordData: info.Value,
 	}
 	recordID, err := d.client.AddDNSSettings(credential, record)
@ -139,7 +139,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	credential, err := d.client.Authentication(60, true)
 	if err != nil {
@ -151,7 +151,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("allinkl: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("allinkl: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	_, err = d.client.DeleteDNSSettings(credential, recordID)
--- a/providers/dns/arvancloud/arvancloud.go
+++ b/providers/dns/arvancloud/arvancloud.go
@ -106,14 +106,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := getZone(fqdn)
+	authZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("arvancloud: %w", err)
 	}
@ -121,7 +121,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.DNSRecord{
 		Type:          "txt",
 		Name:          subDomain,
-		Value:         internal.TXTRecordValue{Text: value},
+		Value:         internal.TXTRecordValue{Text: info.Value},
 		TTL:           d.config.TTL,
 		UpstreamHTTPS: "default",
 		IPFilterMode: &internal.IPFilterMode{
@ -133,7 +133,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	newRecord, err := d.client.CreateRecord(authZone, record)
 	if err != nil {
-		return fmt.Errorf("arvancloud: failed to add TXT record: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("arvancloud: failed to add TXT record: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	d.recordIDsMu.Lock()
@ -145,9 +145,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := getZone(fqdn)
+	authZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -157,7 +157,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("arvancloud: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("arvancloud: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	if err := d.client.DeleteRecord(authZone, recordID); err != nil {
--- a/providers/dns/auroradns/auroradns.go
+++ b/providers/dns/auroradns/auroradns.go
@ -104,9 +104,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("aurora: could not determine zone for domain %q: %w", domain, err)
 	}
@ -118,7 +118,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	//    the subdomain, resulting in _acme-challenge..<domain> rather
 	//    than _acme-challenge.<domain>
-	subdomain := fqdn[0 : len(fqdn)-len(authZone)-1]
+	subdomain := info.EffectiveFQDN[0 : len(info.EffectiveFQDN)-len(authZone)-1]
 	authZone = dns01.UnFqdn(authZone)
@ -130,7 +130,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := auroradns.Record{
 		RecordType: "TXT",
 		Name:       subdomain,
-		Content:    value,
+		Content:    info.Value,
 		TTL:        d.config.TTL,
 	}
@ -148,17 +148,17 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes a given record that was generated by Present.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	d.recordIDsMu.Lock()
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("unknown recordID for %q", fqdn)
+		return fmt.Errorf("unknown recordID for %q", info.EffectiveFQDN)
 	}
-	authZone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(fqdn))
+	authZone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(info.EffectiveFQDN))
 	if err != nil {
 		return fmt.Errorf("could not determine zone for domain %q: %w", domain, err)
 	}
--- a/providers/dns/autodns/autodns.go
+++ b/providers/dns/autodns/autodns.go
@ -105,13 +105,13 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	records := []*ResourceRecord{{
-		Name:  fqdn,
+		Name:  info.EffectiveFQDN,
 		TTL:   int64(d.config.TTL),
 		Type:  "TXT",
-		Value: value,
+		Value: info.Value,
 	}}
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
@ -125,13 +125,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record previously created.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	records := []*ResourceRecord{{
-		Name:  fqdn,
+		Name:  info.EffectiveFQDN,
 		TTL:   int64(d.config.TTL),
 		Type:  "TXT",
-		Value: value,
+		Value: info.Value,
 	}}
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
--- a/providers/dns/azure/private.go
+++ b/providers/dns/azure/private.go
@ -29,9 +29,9 @@ func (d *dnsProviderPrivate) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *dnsProviderPrivate) Present(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneID(ctx, fqdn)
+	zone, err := d.getHostedZoneID(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
@ -39,7 +39,7 @@ func (d *dnsProviderPrivate) Present(domain, token, keyAuth string) error {
 	rsc := privatedns.NewRecordSetsClientWithBaseURI(d.config.ResourceManagerEndpoint, d.config.SubscriptionID)
 	rsc.Authorizer = d.authorizer
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
@ -54,7 +54,7 @@ func (d *dnsProviderPrivate) Present(domain, token, keyAuth string) error {
 	}
 	// Construct unique TXT records using map
-	uniqRecords := map[string]struct{}{value: {}}
+	uniqRecords := map[string]struct{}{info.Value: {}}
 	if rset.RecordSetProperties != nil && rset.TxtRecords != nil {
 		for _, txtRecord := range *rset.TxtRecords {
 			// Assume Value doesn't contain multiple strings
@ -88,14 +88,14 @@ func (d *dnsProviderPrivate) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *dnsProviderPrivate) CleanUp(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneID(ctx, fqdn)
+	zone, err := d.getHostedZoneID(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
--- a/providers/dns/azure/public.go
+++ b/providers/dns/azure/public.go
@ -29,9 +29,9 @@ func (d *dnsProviderPublic) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *dnsProviderPublic) Present(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneID(ctx, fqdn)
+	zone, err := d.getHostedZoneID(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
@ -39,7 +39,7 @@ func (d *dnsProviderPublic) Present(domain, token, keyAuth string) error {
 	rsc := dns.NewRecordSetsClientWithBaseURI(d.config.ResourceManagerEndpoint, d.config.SubscriptionID)
 	rsc.Authorizer = d.authorizer
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
@ -54,7 +54,7 @@ func (d *dnsProviderPublic) Present(domain, token, keyAuth string) error {
 	}
 	// Construct unique TXT records using map
-	uniqRecords := map[string]struct{}{value: {}}
+	uniqRecords := map[string]struct{}{info.Value: {}}
 	if rset.RecordSetProperties != nil && rset.TxtRecords != nil {
 		for _, txtRecord := range *rset.TxtRecords {
 			// Assume Value doesn't contain multiple strings
@ -88,14 +88,14 @@ func (d *dnsProviderPublic) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *dnsProviderPublic) CleanUp(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneID(ctx, fqdn)
+	zone, err := d.getHostedZoneID(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("azure: %w", err)
 	}
--- a/providers/dns/bindman/bindman.go
+++ b/providers/dns/bindman/bindman.go
@ -84,9 +84,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // This will *not* create a subzone to contain the TXT record,
 // so make sure the FQDN specified is within an extant zone.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	if err := d.client.AddRecord(fqdn, "TXT", value); err != nil {
+	if err := d.client.AddRecord(info.EffectiveFQDN, "TXT", info.Value); err != nil {
 		return fmt.Errorf("bindman: %w", err)
 	}
 	return nil
@ -94,9 +94,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	if err := d.client.RemoveRecord(fqdn, "TXT"); err != nil {
+	if err := d.client.RemoveRecord(info.EffectiveFQDN, "TXT"); err != nil {
 		return fmt.Errorf("bindman: %w", err)
 	}
 	return nil
--- a/providers/dns/bluecat/bluecat.go
+++ b/providers/dns/bluecat/bluecat.go
@ -110,7 +110,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // This will *not* create a sub-zone to contain the TXT record,
 // so make sure the FQDN specified is within an existent zone.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	err := d.client.Login(d.config.UserName, d.config.Password)
 	if err != nil {
@ -122,19 +122,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("bluecat: lookupViewID: %w", err)
 	}
-	parentZoneID, name, err := d.client.LookupParentZoneID(viewID, fqdn)
+	parentZoneID, name, err := d.client.LookupParentZoneID(viewID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("bluecat: lookupParentZoneID: %w", err)
 	}
 	if d.config.Debug {
-		log.Infof("fqdn: %s; viewID: %d; ZoneID: %d; zone: %s", fqdn, viewID, parentZoneID, name)
+		log.Infof("fqdn: %s; viewID: %d; ZoneID: %d; zone: %s", info.EffectiveFQDN, viewID, parentZoneID, name)
 	}
 	txtRecord := internal.Entity{
 		Name:       name,
 		Type:       internal.TXTType,
-		Properties: fmt.Sprintf("ttl=%d|absoluteName=%s|txt=%s|", d.config.TTL, fqdn, value),
+		Properties: fmt.Sprintf("ttl=%d|absoluteName=%s|txt=%s|", d.config.TTL, info.EffectiveFQDN, info.Value),
 	}
 	_, err = d.client.AddEntity(parentZoneID, txtRecord)
@ -157,7 +157,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	err := d.client.Login(d.config.UserName, d.config.Password)
 	if err != nil {
@ -169,7 +169,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("bluecat: lookupViewID: %w", err)
 	}
-	parentZoneID, name, err := d.client.LookupParentZoneID(viewID, fqdn)
+	parentZoneID, name, err := d.client.LookupParentZoneID(viewID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("bluecat: lookupParentZoneID: %w", err)
 	}
--- a/providers/dns/bunny/bunny.go
+++ b/providers/dns/bunny/bunny.go
@ -89,11 +89,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := getZone(fqdn)
+	authZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("bunny: failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("bunny: failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	ctx := context.Background()
@ -103,7 +103,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("bunny: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("bunny: %w", err)
 	}
@ -111,12 +111,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := &bunny.AddOrUpdateDNSRecordOptions{
 		Type:  pointer(bunny.DNSRecordTypeTXT),
 		Name:  pointer(subDomain),
-		Value: pointer(value),
+		Value: pointer(info.Value),
 		TTL:   pointer(int32(d.config.TTL)),
 	}
 	if _, err := d.client.DNSZone.AddDNSRecord(ctx, deref(zone.ID), record); err != nil {
-		return fmt.Errorf("bunny: failed to add TXT record: fqdn=%s, zoneID=%d: %w", fqdn, deref(zone.ID), err)
+		return fmt.Errorf("bunny: failed to add TXT record: fqdn=%s, zoneID=%d: %w", info.EffectiveFQDN, deref(zone.ID), err)
 	}
 	return nil
@ -124,11 +124,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := getZone(fqdn)
+	authZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("bunny:  failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("bunny:  failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	ctx := context.Background()
@ -138,7 +138,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("bunny: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("bunny: %w", err)
 	}
--- a/providers/dns/checkdomain/checkdomain.go
+++ b/providers/dns/checkdomain/checkdomain.go
@ -112,13 +112,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("checkdomain: %w", err)
 	}
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	err = d.createRecord(domainID, &Record{
-		Name:  fqdn,
+		Name:  info.EffectiveFQDN,
 		TTL:   d.config.TTL,
 		Type:  "TXT",
-		Value: value,
+		Value: info.Value,
 	})
 	if err != nil {
@ -141,15 +141,15 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("checkdomain: %w", err)
 	}
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err = d.deleteTXTRecord(domainID, fqdn, value)
+	err = d.deleteTXTRecord(domainID, info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return fmt.Errorf("checkdomain: %w", err)
 	}
 	d.domainIDMu.Lock()
-	delete(d.domainIDMapping, fqdn)
+	delete(d.domainIDMapping, info.EffectiveFQDN)
 	d.domainIDMu.Unlock()
 	return nil
--- a/providers/dns/checkdomain/client_test.go
+++ b/providers/dns/checkdomain/client_test.go
@ -225,7 +225,7 @@ func Test_deleteTXTRecord(t *testing.T) {
 		}
 	})
-	fqdn, _ := dns01.GetRecord(domainName, "abc")
+	info := dns01.GetChallengeInfo(domainName, "abc")
-	err := prd.deleteTXTRecord(1, fqdn, recordValue)
+	err := prd.deleteTXTRecord(1, info.EffectiveFQDN, recordValue)
 	require.NoError(t, err)
 }
--- a/providers/dns/civo/civo.go
+++ b/providers/dns/civo/civo.go
@ -91,11 +91,11 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := getZone(fqdn)
+	zone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("civo: failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("civo: failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	dnsDomain, err := d.client.GetDNSDomain(zone)
@ -103,14 +103,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("civo: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("civo: %w", err)
 	}
 	_, err = d.client.CreateDNSRecord(dnsDomain.ID, &civogo.DNSRecordConfig{
 		Name:  subDomain,
-		Value: value,
+		Value: info.Value,
 		Type:  civogo.DNSRecordTypeTXT,
 		TTL:   d.config.TTL,
 	})
@ -123,11 +123,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := getZone(fqdn)
+	zone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("civo: failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("civo: failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	dnsDomain, err := d.client.GetDNSDomain(zone)
@ -140,14 +140,14 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("civo: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("civo: %w", err)
 	}
 	var dnsRecord civogo.DNSRecord
 	for _, entry := range dnsRecords {
-		if entry.Name == subDomain && entry.Value == value {
+		if entry.Name == subDomain && entry.Value == info.Value {
 			dnsRecord = entry
 			break
 		}
--- a/providers/dns/clouddns/clouddns.go
+++ b/providers/dns/clouddns/clouddns.go
@ -103,14 +103,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("clouddns: %w", err)
 	}
-	err = d.client.AddRecord(authZone, fqdn, value)
+	err = d.client.AddRecord(authZone, info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return fmt.Errorf("clouddns: %w", err)
 	}
@ -120,14 +120,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("clouddns: %w", err)
 	}
-	err = d.client.DeleteRecord(authZone, fqdn)
+	err = d.client.DeleteRecord(authZone, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("clouddns: %w", err)
 	}
--- a/providers/dns/cloudflare/cloudflare.go
+++ b/providers/dns/cloudflare/cloudflare.go
@ -122,9 +122,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("cloudflare: %w", err)
 	}
@ -136,8 +136,8 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	dnsRecord := cloudflare.DNSRecord{
 		Type:    "TXT",
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(info.EffectiveFQDN),
-		Content: value,
+		Content: info.Value,
 		TTL:     d.config.TTL,
 	}
@ -161,9 +161,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("cloudflare: %w", err)
 	}
@ -178,7 +178,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("cloudflare: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("cloudflare: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
 	err = d.client.DeleteDNSRecord(context.Background(), zoneID, recordID)
--- a/providers/dns/cloudns/cloudns.go
+++ b/providers/dns/cloudns/cloudns.go
@ -102,14 +102,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.client.GetZone(fqdn)
+	zone, err := d.client.GetZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("ClouDNS: %w", err)
 	}
-	err = d.client.AddTxtRecord(zone.Name, fqdn, value, d.config.TTL)
+	err = d.client.AddTxtRecord(zone.Name, info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("ClouDNS: %w", err)
 	}
@ -119,14 +119,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT records matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.client.GetZone(fqdn)
+	zone, err := d.client.GetZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("ClouDNS: %w", err)
 	}
-	records, err := d.client.ListTxtRecords(zone.Name, fqdn)
+	records, err := d.client.ListTxtRecords(zone.Name, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("ClouDNS: %w", err)
 	}
--- a/providers/dns/cloudxns/cloudxns.go
+++ b/providers/dns/cloudxns/cloudxns.go
@ -87,26 +87,26 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	challengeInfo := dns01.GetChallengeInfo(domain, keyAuth)
-	info, err := d.client.GetDomainInformation(fqdn)
+	info, err := d.client.GetDomainInformation(challengeInfo.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
-	return d.client.AddTxtRecord(info, fqdn, value, d.config.TTL)
+	return d.client.AddTxtRecord(info, challengeInfo.EffectiveFQDN, challengeInfo.Value, d.config.TTL)
 }
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	challengeInfo := dns01.GetChallengeInfo(domain, keyAuth)
-	info, err := d.client.GetDomainInformation(fqdn)
+	info, err := d.client.GetDomainInformation(challengeInfo.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
-	record, err := d.client.FindTxtRecord(info.ID, fqdn)
+	record, err := d.client.FindTxtRecord(info.ID, challengeInfo.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
--- a/providers/dns/conoha/conoha.go
+++ b/providers/dns/conoha/conoha.go
@ -103,9 +103,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -116,9 +116,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	record := internal.Record{
-		Name: fqdn,
+		Name: info.EffectiveFQDN,
 		Type: "TXT",
-		Data: value,
+		Data: info.Value,
 		TTL:  d.config.TTL,
 	}
@ -132,9 +132,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp clears ConoHa DNS TXT record.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -144,7 +144,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("conoha: failed to get domain ID: %w", err)
 	}
-	recID, err := d.client.GetRecordID(domID, fqdn, "TXT", value)
+	recID, err := d.client.GetRecordID(domID, info.EffectiveFQDN, "TXT", info.Value)
 	if err != nil {
 		return fmt.Errorf("conoha: failed to get record ID: %w", err)
 	}
--- a/providers/dns/constellix/constellix.go
+++ b/providers/dns/constellix/constellix.go
@ -97,11 +97,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("constellix: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("constellix: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
 	dom, err := d.client.Domains.GetByName(dns01.UnFqdn(authZone))
@ -109,7 +109,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("constellix: failed to get domain (%s): %w", authZone, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("constellix: %w", err)
 	}
@ -125,10 +125,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	// TXT record entry already existing
 	if len(records) == 1 {
-		return d.appendRecordValue(dom, records[0].ID, value)
+		return d.appendRecordValue(dom, records[0].ID, info.Value)
 	}
-	err = d.createRecord(dom, fqdn, recordName, value)
+	err = d.createRecord(dom, info.EffectiveFQDN, recordName, info.Value)
 	if err != nil {
 		return fmt.Errorf("constellix: %w", err)
 	}
@ -138,11 +138,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("constellix: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("constellix: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
 	dom, err := d.client.Domains.GetByName(dns01.UnFqdn(authZone))
@ -150,7 +150,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("constellix: failed to get domain (%s): %w", authZone, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("constellix: %w", err)
 	}
@ -173,7 +173,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("constellix: failed to get TXT records: %w", err)
 	}
-	if !containsValue(record, value) {
+	if !containsValue(record, info.Value) {
 		return nil
 	}
@ -186,7 +186,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return nil
 	}
-	err = d.removeRecordValue(dom, record, value)
+	err = d.removeRecordValue(dom, record, info.Value)
 	if err != nil {
 		return fmt.Errorf("constellix: %w", err)
 	}
--- a/providers/dns/desec/desec.go
+++ b/providers/dns/desec/desec.go
@ -101,15 +101,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	quotedValue := fmt.Sprintf(`%q`, value)
+	quotedValue := fmt.Sprintf(`%q`, info.Value)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("desec: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("desec: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("desec: %w", err)
 	}
@ -152,14 +152,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("desec: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("desec: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("desec: %w", err)
 	}
@ -173,7 +173,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	records := make([]string, 0)
 	for _, record := range rrSet.Records {
-		if record != fmt.Sprintf(`%q`, value) {
+		if record != fmt.Sprintf(`%q`, info.Value) {
 			records = append(records, record)
 		}
 	}
--- a/providers/dns/designate/designate.go
+++ b/providers/dns/designate/designate.go
@ -124,9 +124,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("designate: couldn't get zone ID in Present: %w", err)
 	}
@ -140,21 +140,21 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	d.dnsEntriesMu.Lock()
 	defer d.dnsEntriesMu.Unlock()
-	existingRecord, err := d.getRecord(zoneID, fqdn)
+	existingRecord, err := d.getRecord(zoneID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("designate: %w", err)
 	}
 	if existingRecord != nil {
-		if contains(existingRecord.Records, value) {
+		if contains(existingRecord.Records, info.Value) {
-			log.Printf("designate: the record already exists: %s", value)
+			log.Printf("designate: the record already exists: %s", info.Value)
 			return nil
 		}
-		return d.updateRecord(existingRecord, value)
+		return d.updateRecord(existingRecord, info.Value)
 	}
-	err = d.createRecord(zoneID, fqdn, value)
+	err = d.createRecord(zoneID, info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return fmt.Errorf("designate: %w", err)
 	}
@ -164,9 +164,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -180,7 +180,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	d.dnsEntriesMu.Lock()
 	defer d.dnsEntriesMu.Unlock()
-	record, err := d.getRecord(zoneID, fqdn)
+	record, err := d.getRecord(zoneID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("designate: couldn't get Record ID in CleanUp: %w", err)
 	}
@ -192,7 +192,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	err = recordsets.Delete(d.client, zoneID, record.ID).ExtractErr()
 	if err != nil {
-		return fmt.Errorf("designate: error for %s in CleanUp: %w", fqdn, err)
+		return fmt.Errorf("designate: error for %s in CleanUp: %w", info.EffectiveFQDN, err)
 	}
 	return nil
 }
--- a/providers/dns/digitalocean/digitalocean.go
+++ b/providers/dns/digitalocean/digitalocean.go
@ -98,9 +98,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	respData, err := d.addTxtRecord(fqdn, value)
+	respData, err := d.addTxtRecord(info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return fmt.Errorf("digitalocean: %w", err)
 	}
@ -114,9 +114,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("digitalocean: %w", err)
 	}
@ -126,7 +126,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("digitalocean: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("digitalocean: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
 	err = d.removeTxtRecord(authZone, recordID)
--- a/providers/dns/dnshomede/dnshomede.go
+++ b/providers/dns/dnshomede/dnshomede.go
@ -97,9 +97,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present updates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.client.Add(dns01.UnFqdn(fqdn), value)
+	err := d.client.Add(dns01.UnFqdn(info.EffectiveFQDN), info.Value)
 	if err != nil {
 		return fmt.Errorf("dnshomede: %w", err)
 	}
@ -109,9 +109,9 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp updates the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.client.Remove(dns01.UnFqdn(fqdn), value)
+	err := d.client.Remove(dns01.UnFqdn(info.EffectiveFQDN), info.Value)
 	if err != nil {
 		return fmt.Errorf("dnshomede: %w", err)
 	}
--- a/providers/dns/dnsimple/dnsimple.go
+++ b/providers/dns/dnsimple/dnsimple.go
@ -90,9 +90,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := d.getHostedZone(fqdn)
+	zoneName, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("dnsimple: %w", err)
 	}
@ -102,7 +102,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("dnsimple: %w", err)
 	}
-	recordAttributes, err := newTxtRecord(zoneName, fqdn, value, d.config.TTL)
+	recordAttributes, err := newTxtRecord(zoneName, info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("dnsimple: %w", err)
 	}
@ -117,9 +117,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	records, err := d.findTxtRecords(fqdn)
+	records, err := d.findTxtRecords(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("dnsimple: %w", err)
 	}
--- a/providers/dns/dnsmadeeasy/dnsmadeeasy.go
+++ b/providers/dns/dnsmadeeasy/dnsmadeeasy.go
@ -111,11 +111,11 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domainName, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domainName, keyAuth)
+	info := dns01.GetChallengeInfo(domainName, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("dnsmadeeasy: unable to find zone for %s: %w", fqdn, err)
+		return fmt.Errorf("dnsmadeeasy: unable to find zone for %s: %w", info.EffectiveFQDN, err)
 	}
 	// fetch the domain details
@ -125,8 +125,8 @@ func (d *DNSProvider) Present(domainName, token, keyAuth string) error {
 	}
 	// create the TXT record
-	name := strings.Replace(fqdn, "."+authZone, "", 1)
+	name := strings.Replace(info.EffectiveFQDN, "."+authZone, "", 1)
-	record := &internal.Record{Type: "TXT", Name: name, Value: value, TTL: d.config.TTL}
+	record := &internal.Record{Type: "TXT", Name: name, Value: info.Value, TTL: d.config.TTL}
 	err = d.client.CreateRecord(domain, record)
 	if err != nil {
@ -137,11 +137,11 @@ func (d *DNSProvider) Present(domainName, token, keyAuth string) error {
 // CleanUp removes the TXT records matching the specified parameters.
 func (d *DNSProvider) CleanUp(domainName, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domainName, keyAuth)
+	info := dns01.GetChallengeInfo(domainName, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("dnsmadeeasy: unable to find zone for %s: %w", fqdn, err)
+		return fmt.Errorf("dnsmadeeasy: unable to find zone for %s: %w", info.EffectiveFQDN, err)
 	}
 	// fetch the domain details
@ -151,7 +151,7 @@ func (d *DNSProvider) CleanUp(domainName, token, keyAuth string) error {
 	}
 	// find matching records
-	name := strings.Replace(fqdn, "."+authZone, "", 1)
+	name := strings.Replace(info.EffectiveFQDN, "."+authZone, "", 1)
 	records, err := d.client.GetRecords(domain, name, "TXT")
 	if err != nil {
 		return fmt.Errorf("dnsmadeeasy: unable to get records for domain %s: %w", domain.Name, err)
--- a/providers/dns/dnspod/dnspod.go
+++ b/providers/dns/dnspod/dnspod.go
@ -86,14 +86,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneID, zoneName, err := d.getHostedZone(fqdn)
+	zoneID, zoneName, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
-	recordAttributes, err := d.newTxtRecord(zoneName, fqdn, value, d.config.TTL)
+	recordAttributes, err := d.newTxtRecord(zoneName, info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return err
 	}
@ -108,14 +108,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneID, zoneName, err := d.getHostedZone(fqdn)
+	zoneID, zoneName, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
-	records, err := d.findTxtRecords(fqdn, zoneID, zoneName)
+	records, err := d.findTxtRecords(info.EffectiveFQDN, zoneID, zoneName)
 	if err != nil {
 		return err
 	}
--- a/providers/dns/dode/dode.go
+++ b/providers/dns/dode/dode.go
@ -78,14 +78,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, txtRecord := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	return d.updateTxtRecord(fqdn, d.config.Token, txtRecord, false)
+	return d.updateTxtRecord(info.EffectiveFQDN, d.config.Token, info.Value, false)
 }
 // CleanUp clears TXT record.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	return d.updateTxtRecord(fqdn, d.config.Token, "", true)
+	return d.updateTxtRecord(info.EffectiveFQDN, d.config.Token, "", true)
 }
 // Timeout returns the timeout and interval to use when checking for DNS propagation.
--- a/providers/dns/domeneshop/domeneshop.go
+++ b/providers/dns/domeneshop/domeneshop.go
@ -93,9 +93,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, host, err := d.splitDomain(fqdn)
+	zone, host, err := d.splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("domeneshop: %w", err)
 	}
@ -105,7 +105,7 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 		return fmt.Errorf("domeneshop: %w", err)
 	}
-	err = d.client.CreateTXTRecord(domainInstance, host, value)
+	err = d.client.CreateTXTRecord(domainInstance, host, info.Value)
 	if err != nil {
 		return fmt.Errorf("domeneshop: failed to create record: %w", err)
 	}
@ -115,9 +115,9 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, host, err := d.splitDomain(fqdn)
+	zone, host, err := d.splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("domeneshop: %w", err)
 	}
@ -127,7 +127,7 @@ func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
 		return fmt.Errorf("domeneshop: %w", err)
 	}
-	if err := d.client.DeleteTXTRecord(domainInstance, host, value); err != nil {
+	if err := d.client.DeleteTXTRecord(domainInstance, host, info.Value); err != nil {
 		return fmt.Errorf("domeneshop: failed to create record: %w", err)
 	}
--- a/providers/dns/dreamhost/dreamhost.go
+++ b/providers/dns/dreamhost/dreamhost.go
@ -83,10 +83,10 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	record := dns01.UnFqdn(fqdn)
+	record := dns01.UnFqdn(info.EffectiveFQDN)
-	u, err := d.buildQuery(cmdAddRecord, record, value)
+	u, err := d.buildQuery(cmdAddRecord, record, info.Value)
 	if err != nil {
 		return fmt.Errorf("dreamhost: %w", err)
 	}
@ -100,10 +100,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	record := dns01.UnFqdn(fqdn)
+	record := dns01.UnFqdn(info.EffectiveFQDN)
-	u, err := d.buildQuery(cmdRemoveRecord, record, value)
+	u, err := d.buildQuery(cmdRemoveRecord, record, info.Value)
 	if err != nil {
 		return fmt.Errorf("dreamhost: %w", err)
 	}
--- a/providers/dns/duckdns/duckdns.go
+++ b/providers/dns/duckdns/duckdns.go
@ -79,14 +79,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, txtRecord := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	return d.updateTxtRecord(dns01.UnFqdn(fqdn), d.config.Token, txtRecord, false)
+	return d.updateTxtRecord(dns01.UnFqdn(info.EffectiveFQDN), d.config.Token, info.Value, false)
 }
 // CleanUp clears DuckDNS TXT record.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	return d.updateTxtRecord(dns01.UnFqdn(fqdn), d.config.Token, "", true)
+	return d.updateTxtRecord(dns01.UnFqdn(info.EffectiveFQDN), d.config.Token, "", true)
 }
 // Timeout returns the timeout and interval to use when checking for DNS propagation.
--- a/providers/dns/dyn/dyn.go
+++ b/providers/dns/dyn/dyn.go
@ -87,9 +87,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("dyn: %w", err)
 	}
@ -101,12 +101,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	data := map[string]interface{}{
 		"rdata": map[string]string{
-			"txtdata": value,
+			"txtdata": info.Value,
 		},
 		"ttl": strconv.Itoa(d.config.TTL),
 	}
-	resource := fmt.Sprintf("TXTRecord/%s/%s/", authZone, fqdn)
+	resource := fmt.Sprintf("TXTRecord/%s/%s/", authZone, info.EffectiveFQDN)
 	_, err = d.sendRequest(http.MethodPost, resource, data)
 	if err != nil {
 		return fmt.Errorf("dyn: %w", err)
@ -122,9 +122,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("dyn: %w", err)
 	}
@ -134,7 +134,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("dyn: %w", err)
 	}
-	resource := fmt.Sprintf("TXTRecord/%s/%s/", authZone, fqdn)
+	resource := fmt.Sprintf("TXTRecord/%s/%s/", authZone, info.EffectiveFQDN)
 	url := fmt.Sprintf("%s/%s", defaultBaseURL, resource)
 	req, err := http.NewRequest(http.MethodDelete, url, nil)
--- a/providers/dns/dynu/dynu.go
+++ b/providers/dns/dynu/dynu.go
@ -95,26 +95,26 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, err := d.client.GetRootDomain(dns01.UnFqdn(fqdn))
+	rootDomain, err := d.client.GetRootDomain(dns01.UnFqdn(info.EffectiveFQDN))
 	if err != nil {
 		return fmt.Errorf("dynu: could not find root domain for %s: %w", domain, err)
 	}
-	records, err := d.client.GetRecords(dns01.UnFqdn(fqdn), "TXT")
+	records, err := d.client.GetRecords(dns01.UnFqdn(info.EffectiveFQDN), "TXT")
 	if err != nil {
 		return fmt.Errorf("dynu: failed to get records for %s: %w", domain, err)
 	}
 	for _, record := range records {
 		// the record already exist
-		if record.Hostname == dns01.UnFqdn(fqdn) && record.TextData == value {
+		if record.Hostname == dns01.UnFqdn(info.EffectiveFQDN) && record.TextData == info.Value {
 			return nil
 		}
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, rootDomain.DomainName)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, rootDomain.DomainName)
 	if err != nil {
 		return fmt.Errorf("dynu: %w", err)
 	}
@ -122,9 +122,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.DNSRecord{
 		Type:       "TXT",
 		DomainName: rootDomain.DomainName,
-		Hostname:   dns01.UnFqdn(fqdn),
+		Hostname:   dns01.UnFqdn(info.EffectiveFQDN),
 		NodeName:   subDomain,
-		TextData:   value,
+		TextData:   info.Value,
 		State:      true,
 		TTL:        d.config.TTL,
 	}
@ -139,20 +139,20 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, err := d.client.GetRootDomain(dns01.UnFqdn(fqdn))
+	rootDomain, err := d.client.GetRootDomain(dns01.UnFqdn(info.EffectiveFQDN))
 	if err != nil {
 		return fmt.Errorf("dynu: could not find root domain for %s: %w", domain, err)
 	}
-	records, err := d.client.GetRecords(dns01.UnFqdn(fqdn), "TXT")
+	records, err := d.client.GetRecords(dns01.UnFqdn(info.EffectiveFQDN), "TXT")
 	if err != nil {
 		return fmt.Errorf("dynu: failed to get records for %s: %w", domain, err)
 	}
 	for _, record := range records {
-		if record.Hostname == dns01.UnFqdn(fqdn) && record.TextData == value {
+		if record.Hostname == dns01.UnFqdn(info.EffectiveFQDN) && record.TextData == info.Value {
 			err = d.client.DeleteRecord(rootDomain.ID, record.ID)
 			if err != nil {
 				return fmt.Errorf("dynu: failed to remove TXT record for %s: %w", domain, err)
--- a/providers/dns/easydns/easydns.go
+++ b/providers/dns/easydns/easydns.go
@ -103,14 +103,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	apiHost, apiDomain := splitFqdn(fqdn)
+	apiHost, apiDomain := splitFqdn(info.EffectiveFQDN)
 	record := &zoneRecord{
 		Domain: apiDomain,
 		Host:   apiHost,
 		Type:   "TXT",
-		Rdata:  value,
+		Rdata:  info.Value,
 		TTL:    strconv.Itoa(d.config.TTL),
 		Prio:   "0",
 	}
@ -120,7 +120,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("easydns: error adding zone record: %w", err)
 	}
-	key := getMapKey(fqdn, value)
+	key := getMapKey(info.EffectiveFQDN, info.Value)
 	d.recordIDsMu.Lock()
 	d.recordIDs[key] = recordID
@ -131,15 +131,15 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, challenge := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	key := getMapKey(fqdn, challenge)
+	key := getMapKey(info.EffectiveFQDN, info.Value)
 	recordID, exists := d.recordIDs[key]
 	if !exists {
 		return nil
 	}
-	_, apiDomain := splitFqdn(fqdn)
+	_, apiDomain := splitFqdn(info.EffectiveFQDN)
 	err := d.deleteRecord(apiDomain, recordID)
 	d.recordIDsMu.Lock()
--- a/providers/dns/edgedns/edgedns.go
+++ b/providers/dns/edgedns/edgedns.go
@ -107,14 +107,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := findZone(fqdn)
+	zone, err := findZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("edgedns: %w", err)
 	}
-	record, err := configdns.GetRecord(zone, fqdn, "TXT")
+	record, err := configdns.GetRecord(zone, info.EffectiveFQDN, "TXT")
 	if err != nil && !isNotFound(err) {
 		return fmt.Errorf("edgedns: %w", err)
 	}
@ -126,12 +126,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	if record != nil {
 		log.Infof("TXT record already exists. Updating target")
-		if containsValue(record.Target, value) {
+		if containsValue(record.Target, info.Value) {
 			// have a record and have entry already
 			return nil
 		}
-		record.Target = append(record.Target, `"`+value+`"`)
+		record.Target = append(record.Target, `"`+info.Value+`"`)
 		record.TTL = d.config.TTL
 		err = record.Update(zone)
@ -143,10 +143,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	record = &configdns.RecordBody{
-		Name:       fqdn,
+		Name:       info.EffectiveFQDN,
 		RecordType: "TXT",
 		TTL:        d.config.TTL,
-		Target:     []string{`"` + value + `"`},
+		Target:     []string{`"` + info.Value + `"`},
 	}
 	err = record.Save(zone)
@ -159,14 +159,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := findZone(fqdn)
+	zone, err := findZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("edgedns: %w", err)
 	}
-	existingRec, err := configdns.GetRecord(zone, fqdn, "TXT")
+	existingRec, err := configdns.GetRecord(zone, info.EffectiveFQDN, "TXT")
 	if err != nil {
 		if isNotFound(err) {
 			return nil
@ -182,14 +182,14 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("edgedns: TXT record is invalid")
 	}
-	if !containsValue(existingRec.Target, value) {
+	if !containsValue(existingRec.Target, info.Value) {
 		return nil
 	}
 	var newRData []string
 	for _, val := range existingRec.Target {
 		val = strings.Trim(val, `"`)
-		if val == value {
+		if val == info.Value {
 			continue
 		}
 		newRData = append(newRData, val)
--- a/providers/dns/epik/epik.go
+++ b/providers/dns/epik/epik.go
@ -93,15 +93,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// find authZone
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("epik: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("epik: %w", err)
 	}
@ -109,7 +109,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.RecordRequest{
 		Host: subDomain,
 		Type: "TXT",
-		Data: value,
+		Data: info.Value,
 		TTL:  d.config.TTL,
 	}
@ -123,10 +123,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// find authZone
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("epik: %w", err)
 	}
@ -138,13 +138,13 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("epik: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("epik: %w", err)
 	}
 	for _, record := range records {
-		if strings.EqualFold(record.Type, "TXT") && record.Data == value && record.Name == subDomain {
+		if strings.EqualFold(record.Type, "TXT") && record.Data == info.Value && record.Name == subDomain {
 			_, err = d.client.RemoveHostRecord(dom, record.ID)
 			if err != nil {
 				return fmt.Errorf("epik: %w", err)
--- a/providers/dns/exec/exec.go
+++ b/providers/dns/exec/exec.go
@ -79,8 +79,8 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	if d.config.Mode == "RAW" {
 		args = []string{"present", "--", domain, token, keyAuth}
 	} else {
-		fqdn, value := dns01.GetRecord(domain, keyAuth)
+		info := dns01.GetChallengeInfo(domain, keyAuth)
-		args = []string{"present", fqdn, value}
+		args = []string{"present", info.EffectiveFQDN, info.Value}
 	}
 	cmd := exec.Command(d.config.Program, args...)
@ -99,8 +99,8 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	if d.config.Mode == "RAW" {
 		args = []string{"cleanup", "--", domain, token, keyAuth}
 	} else {
-		fqdn, value := dns01.GetRecord(domain, keyAuth)
+		info := dns01.GetChallengeInfo(domain, keyAuth)
-		args = []string{"cleanup", fqdn, value}
+		args = []string{"cleanup", info.EffectiveFQDN, info.Value}
 	}
 	cmd := exec.Command(d.config.Program, args...)
--- a/providers/dns/exoscale/exoscale.go
+++ b/providers/dns/exoscale/exoscale.go
@ -112,9 +112,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, recordName, err := d.findZoneAndRecordName(fqdn)
+	zoneName, recordName, err := d.findZoneAndRecordName(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -127,22 +127,20 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("exoscale: zone %q not found", zoneName)
 	}
-	recordID, err := d.findExistingRecordID(*zone.ID, recordName)
+	recordID, err := d.findExistingRecordID(deref(zone.ID), recordName)
 	if err != nil {
 		return fmt.Errorf("exoscale: %w", err)
 	}
 	recordType := "TXT"
 	if recordID == "" {
 		record := egoscale.DNSDomainRecord{
-			Name:    &recordName,
+			Name:    pointer(recordName),
-			TTL:     &d.config.TTL,
+			TTL:     pointer(d.config.TTL),
-			Content: &value,
+			Content: pointer(info.Value),
-			Type:    &recordType,
+			Type:    pointer("TXT"),
 		}
-		_, err = d.client.CreateDNSDomainRecord(ctx, d.apiZone, *zone.ID, &record)
+		_, err = d.client.CreateDNSDomainRecord(ctx, d.apiZone, deref(zone.ID), &record)
 		if err != nil {
 			return fmt.Errorf("exoscale: error while creating DNS record: %w", err)
 		}
@ -151,14 +149,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	record := egoscale.DNSDomainRecord{
-		ID:      &recordID,
+		ID:      pointer(recordID),
-		Name:    &recordName,
+		Name:    pointer(recordName),
-		TTL:     &d.config.TTL,
+		TTL:     pointer(d.config.TTL),
-		Content: &value,
+		Content: pointer(info.Value),
-		Type:    &recordType,
+		Type:    pointer("TXT"),
 	}
-	err = d.client.UpdateDNSDomainRecord(ctx, d.apiZone, *zone.ID, &record)
+	err = d.client.UpdateDNSDomainRecord(ctx, d.apiZone, deref(zone.ID), &record)
 	if err != nil {
 		return fmt.Errorf("exoscale: error while updating DNS record: %w", err)
 	}
@ -169,9 +167,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, recordName, err := d.findZoneAndRecordName(fqdn)
+	zoneName, recordName, err := d.findZoneAndRecordName(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -184,13 +182,13 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("exoscale: zone %q not found", zoneName)
 	}
-	recordID, err := d.findExistingRecordID(*zone.ID, recordName)
+	recordID, err := d.findExistingRecordID(deref(zone.ID), recordName)
 	if err != nil {
 		return err
 	}
 	if recordID != "" {
-		err = d.client.DeleteDNSDomainRecord(ctx, d.apiZone, *zone.ID, &egoscale.DNSDomainRecord{ID: &recordID})
+		err = d.client.DeleteDNSDomainRecord(ctx, d.apiZone, deref(zone.ID), &egoscale.DNSDomainRecord{ID: &recordID})
 		if err != nil {
 			return fmt.Errorf("exoscale: error while deleting DNS record: %w", err)
 		}
@ -216,7 +214,7 @@ func (d *DNSProvider) findExistingZone(zoneName string) (*egoscale.DNSDomain, er
 	}
 	for _, zone := range zones {
-		if zone.UnicodeName != nil && *zone.UnicodeName == zoneName {
+		if zone.UnicodeName != nil && deref(zone.UnicodeName) == zoneName {
 			return &zone, nil
 		}
 	}
@ -234,11 +232,10 @@ func (d *DNSProvider) findExistingRecordID(zoneID, recordName string) (string, e
 		return "", fmt.Errorf("error while retrieving DNS records: %w", err)
 	}
 	recordType := "TXT"
 	for _, record := range records {
-		if record.Name != nil && *record.Name == recordName &&
+		if deref(record.Name) == recordName &&
-			record.Type != nil && *record.Type == recordType {
+			deref(record.Type) == "TXT" {
-			return *record.ID, nil
+			return deref(record.ID), nil
 		}
 	}
@ -261,3 +258,14 @@ func (d *DNSProvider) findZoneAndRecordName(fqdn string) (string, string, error)
 	return zone, subDomain, nil
 }
 func pointer[T string | int | int32 | int64](v T) *T { return &v }
 func deref[T string | int | int32 | int64](v *T) T {
 	if v == nil {
 		var zero T
 		return zero
 	}
 	return *v
 }
--- a/providers/dns/freemyip/freemyip.go
+++ b/providers/dns/freemyip/freemyip.go
@ -105,14 +105,14 @@ func (d *DNSProvider) Sequential() time.Duration {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	subDomain, err := dns01.ExtractSubDomain(fqdn, freemyip.RootDomain)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, freemyip.RootDomain)
 	if err != nil {
 		return fmt.Errorf("freemyip: %w", err)
 	}
-	_, err = d.client.EditTXTRecord(context.Background(), subDomain, value)
+	_, err = d.client.EditTXTRecord(context.Background(), subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("freemyip: %w", err)
 	}
@ -122,9 +122,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	subDomain, err := dns01.ExtractSubDomain(fqdn, freemyip.RootDomain)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, freemyip.RootDomain)
 	if err != nil {
 		return fmt.Errorf("freemyip: %w", err)
 	}
--- a/providers/dns/gandi/gandi.go
+++ b/providers/dns/gandi/gandi.go
@ -112,14 +112,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // does this by creating and activating a new temporary Gandi DNS
 // zone. This new zone contains the TXT record.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	if d.config.TTL < minTTL {
 		d.config.TTL = minTTL // 300 is gandi minimum value for ttl
 	}
 	// find authZone and Gandi zone_id for fqdn
-	authZone, err := d.findZoneByFqdn(fqdn)
+	authZone, err := d.findZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("gandi: findZoneByFqdn failure: %w", err)
 	}
@ -130,7 +130,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	// determine name of TXT record
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("gandi: %w", err)
 	}
@ -158,7 +158,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("gandi: %w", err)
 	}
-	err = d.addTXTRecord(newZoneID, newZoneVersion, subDomain, value, d.config.TTL)
+	err = d.addTXTRecord(newZoneID, newZoneVersion, subDomain, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("gandi: %w", err)
 	}
@ -174,7 +174,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	// save data necessary for CleanUp
-	d.inProgressFQDNs[fqdn] = inProgressInfo{
+	d.inProgressFQDNs[info.EffectiveFQDN] = inProgressInfo{
 		zoneID:    zoneID,
 		newZoneID: newZoneID,
 		authZone:  authZone,
@ -188,21 +188,21 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // parameters. It does this by restoring the old Gandi DNS zone and
 // removing the temporary one created by Present.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// acquire lock and retrieve zoneID, newZoneID and authZone
 	d.inProgressMu.Lock()
 	defer d.inProgressMu.Unlock()
-	if _, ok := d.inProgressFQDNs[fqdn]; !ok {
+	if _, ok := d.inProgressFQDNs[info.EffectiveFQDN]; !ok {
 		// if there is no cleanup information then just return
 		return nil
 	}
-	zoneID := d.inProgressFQDNs[fqdn].zoneID
+	zoneID := d.inProgressFQDNs[info.EffectiveFQDN].zoneID
-	newZoneID := d.inProgressFQDNs[fqdn].newZoneID
+	newZoneID := d.inProgressFQDNs[info.EffectiveFQDN].newZoneID
-	authZone := d.inProgressFQDNs[fqdn].authZone
+	authZone := d.inProgressFQDNs[info.EffectiveFQDN].authZone
-	delete(d.inProgressFQDNs, fqdn)
+	delete(d.inProgressFQDNs, info.EffectiveFQDN)
 	delete(d.inProgressAuthZones, authZone)
 	// perform API actions to restore old gandi zone for authZone
--- a/providers/dns/gandiv5/gandiv5.go
+++ b/providers/dns/gandiv5/gandiv5.go
@ -110,16 +110,16 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// find authZone
-	authZone, err := d.findZoneByFqdn(fqdn)
+	authZone, err := d.findZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("gandiv5: findZoneByFqdn failure: %w", err)
 	}
 	// determine name of TXT record
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("gandiv5: %w", err)
 	}
@ -130,13 +130,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	defer d.inProgressMu.Unlock()
 	// add TXT record into authZone
-	err = d.addTXTRecord(dns01.UnFqdn(authZone), subDomain, value, d.config.TTL)
+	err = d.addTXTRecord(dns01.UnFqdn(authZone), subDomain, info.Value, d.config.TTL)
 	if err != nil {
 		return err
 	}
 	// save data necessary for CleanUp
-	d.inProgressFQDNs[fqdn] = inProgressInfo{
+	d.inProgressFQDNs[info.EffectiveFQDN] = inProgressInfo{
 		authZone:  authZone,
 		fieldName: subDomain,
 	}
@ -145,19 +145,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// acquire lock and retrieve authZone
 	d.inProgressMu.Lock()
 	defer d.inProgressMu.Unlock()
-	if _, ok := d.inProgressFQDNs[fqdn]; !ok {
+	if _, ok := d.inProgressFQDNs[info.EffectiveFQDN]; !ok {
 		// if there is no cleanup information then just return
 		return nil
 	}
-	fieldName := d.inProgressFQDNs[fqdn].fieldName
+	fieldName := d.inProgressFQDNs[info.EffectiveFQDN].fieldName
-	authZone := d.inProgressFQDNs[fqdn].authZone
+	authZone := d.inProgressFQDNs[info.EffectiveFQDN].authZone
-	delete(d.inProgressFQDNs, fqdn)
+	delete(d.inProgressFQDNs, info.EffectiveFQDN)
 	// delete TXT record from authZone
 	err := d.deleteTXTRecord(dns01.UnFqdn(authZone), fieldName)
--- a/providers/dns/gcloud/googlecloud.go
+++ b/providers/dns/gcloud/googlecloud.go
@ -172,15 +172,15 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("googlecloud: %w", err)
 	}
 	// Look for existing records.
-	existingRrSet, err := d.findTxtRecords(zone, fqdn)
+	existingRrSet, err := d.findTxtRecords(zone, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("googlecloud: %w", err)
 	}
@ -191,8 +191,8 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 			data := mustUnquote(rr)
 			rrd = append(rrd, data)
-			if data == value {
+			if data == info.Value {
-				log.Printf("skip: the record already exists: %s", value)
+				log.Printf("skip: the record already exists: %s", info.Value)
 				return nil
 			}
 		}
@ -207,8 +207,8 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	rec := &dns.ResourceRecordSet{
-		Name:    fqdn,
+		Name:    info.EffectiveFQDN,
-		Rrdatas: []string{value},
+		Rrdatas: []string{info.Value},
 		Ttl:     int64(d.config.TTL),
 		Type:    "TXT",
 	}
@ -216,7 +216,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	// Append existing TXT record data to the new TXT record data
 	for _, rrSet := range existingRrSet {
 		for _, rr := range rrSet.Rrdatas {
-			if rr != value {
+			if rr != info.Value {
 				rec.Rrdatas = append(rec.Rrdatas, rr)
 			}
 		}
@ -279,14 +279,14 @@ func (d *DNSProvider) applyChanges(zone string, change *dns.Change) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("googlecloud: %w", err)
 	}
-	records, err := d.findTxtRecords(zone, fqdn)
+	records, err := d.findTxtRecords(zone, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("googlecloud: %w", err)
 	}
--- a/providers/dns/gcore/gcore.go
+++ b/providers/dns/gcore/gcore.go
@ -94,16 +94,16 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	ctx := context.Background()
-	zone, err := d.guessZone(ctx, fqdn)
+	zone, err := d.guessZone(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("gcore: %w", err)
 	}
-	err = d.client.AddRRSet(ctx, zone, dns01.UnFqdn(fqdn), value, d.config.TTL)
+	err = d.client.AddRRSet(ctx, zone, dns01.UnFqdn(info.EffectiveFQDN), info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("gcore: add txt record: %w", err)
 	}
@ -113,16 +113,16 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp removes the record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	ctx := context.Background()
-	zone, err := d.guessZone(ctx, fqdn)
+	zone, err := d.guessZone(ctx, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("gcore: %w", err)
 	}
-	err = d.client.DeleteRRSet(ctx, zone, dns01.UnFqdn(fqdn))
+	err = d.client.DeleteRRSet(ctx, zone, dns01.UnFqdn(info.EffectiveFQDN))
 	if err != nil {
 		return fmt.Errorf("gcore: remove txt record: %w", err)
 	}
--- a/providers/dns/glesys/glesys.go
+++ b/providers/dns/glesys/glesys.go
@ -98,15 +98,15 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// find authZone
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("glesys: findZoneByFqdn failure: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("glesys: %w", err)
 	}
@ -118,30 +118,30 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	// add TXT record into authZone
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	recordID, err := d.addTXTRecord(domain, dns01.UnFqdn(authZone), subDomain, value, d.config.TTL)
+	recordID, err := d.addTXTRecord(domain, dns01.UnFqdn(authZone), subDomain, info.Value, d.config.TTL)
 	if err != nil {
 		return err
 	}
 	// save data necessary for CleanUp
-	d.activeRecords[fqdn] = recordID
+	d.activeRecords[info.EffectiveFQDN] = recordID
 	return nil
 }
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// acquire lock and retrieve authZone
 	d.inProgressMu.Lock()
 	defer d.inProgressMu.Unlock()
-	if _, ok := d.activeRecords[fqdn]; !ok {
+	if _, ok := d.activeRecords[info.EffectiveFQDN]; !ok {
 		// if there is no cleanup information then just return
 		return nil
 	}
-	recordID := d.activeRecords[fqdn]
+	recordID := d.activeRecords[info.EffectiveFQDN]
-	delete(d.activeRecords, fqdn)
+	delete(d.activeRecords, info.EffectiveFQDN)
 	// delete TXT record from authZone
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
--- a/providers/dns/godaddy/godaddy.go
+++ b/providers/dns/godaddy/godaddy.go
@ -102,14 +102,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	domainZone, err := getZone(fqdn)
+	domainZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("godaddy: failed to get zone: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, domainZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, domainZone)
 	if err != nil {
 		return fmt.Errorf("godaddy: %w", err)
 	}
@ -129,7 +129,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.DNSRecord{
 		Type: "TXT",
 		Name: subDomain,
-		Data: value,
+		Data: info.Value,
 		TTL:  d.config.TTL,
 	}
 	newRecords = append(newRecords, record)
@ -144,14 +144,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	domainZone, err := getZone(fqdn)
+	domainZone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("godaddy: failed to get zone: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, domainZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, domainZone)
 	if err != nil {
 		return fmt.Errorf("godaddy: %w", err)
 	}
@ -172,7 +172,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	var recordsKeep []internal.DNSRecord
 	for _, record := range allTxtRecords {
-		if record.Data != value && record.Data != "" {
+		if record.Data != info.Value && record.Data != "" {
 			recordsKeep = append(recordsKeep, record)
 		}
 	}
--- a/providers/dns/hetzner/hetzner.go
+++ b/providers/dns/hetzner/hetzner.go
@ -98,11 +98,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := getZone(fqdn)
+	zone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hetzner: failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("hetzner: failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	zoneID, err := d.client.GetZoneID(zone)
@ -110,7 +110,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("hetzner: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("hetzner: %w", err)
 	}
@ -118,13 +118,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.DNSRecord{
 		Type:   "TXT",
 		Name:   subDomain,
-		Value:  value,
+		Value:  info.Value,
 		TTL:    d.config.TTL,
 		ZoneID: zoneID,
 	}
 	if err := d.client.CreateRecord(record); err != nil {
-		return fmt.Errorf("hetzner: failed to add TXT record: fqdn=%s, zoneID=%s: %w", fqdn, zoneID, err)
+		return fmt.Errorf("hetzner: failed to add TXT record: fqdn=%s, zoneID=%s: %w", info.EffectiveFQDN, zoneID, err)
 	}
 	return nil
@ -132,11 +132,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := getZone(fqdn)
+	zone, err := getZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hetzner: failed to find zone: fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("hetzner: failed to find zone: fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	zoneID, err := d.client.GetZoneID(zone)
@ -144,12 +144,12 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("hetzner: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("hetzner: %w", err)
 	}
-	record, err := d.client.GetTxtRecord(subDomain, value, zoneID)
+	record, err := d.client.GetTxtRecord(subDomain, info.Value, zoneID)
 	if err != nil {
 		return fmt.Errorf("hetzner: %w", err)
 	}
--- a/providers/dns/hostingde/hostingde.go
+++ b/providers/dns/hostingde/hostingde.go
@ -94,9 +94,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := d.getZoneName(fqdn)
+	zoneName, err := d.getZoneName(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("hostingde: could not determine zone for domain %q: %w", domain, err)
 	}
@ -117,8 +117,8 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	rec := []DNSRecord{{
 		Type:    "TXT",
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(info.EffectiveFQDN),
-		Content: value,
+		Content: info.Value,
 		TTL:     d.config.TTL,
 	}}
@ -134,14 +134,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	for _, record := range resp.Response.Records {
-		if record.Name == dns01.UnFqdn(fqdn) && record.Content == fmt.Sprintf(`%q`, value) {
+		if record.Name == dns01.UnFqdn(info.EffectiveFQDN) && record.Content == fmt.Sprintf(`%q`, info.Value) {
 			d.recordIDsMu.Lock()
-			d.recordIDs[fqdn] = record.ID
+			d.recordIDs[info.EffectiveFQDN] = record.ID
 			d.recordIDsMu.Unlock()
 		}
 	}
-	if d.recordIDs[fqdn] == "" {
+	if d.recordIDs[info.EffectiveFQDN] == "" {
 		return fmt.Errorf("hostingde: error getting ID of just created record, for domain %s", domain)
 	}
@ -150,17 +150,17 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := d.getZoneName(fqdn)
+	zoneName, err := d.getZoneName(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("hostingde: could not determine zone for domain %q: %w", domain, err)
 	}
 	rec := []DNSRecord{{
 		Type:    "TXT",
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(info.EffectiveFQDN),
-		Content: `"` + value + `"`,
+		Content: `"` + info.Value + `"`,
 	}}
 	// get the ZoneConfig for that domain
@ -185,7 +185,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	// Delete record ID from map
 	d.recordIDsMu.Lock()
-	delete(d.recordIDs, fqdn)
+	delete(d.recordIDs, info.EffectiveFQDN)
 	d.recordIDsMu.Unlock()
 	_, err = d.updateZone(req)
--- a/providers/dns/hosttech/hosttech.go
+++ b/providers/dns/hosttech/hosttech.go
@ -101,9 +101,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("hosttech: could not determine zone for domain %q: %w", domain, err)
 	}
@ -113,7 +113,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("hosttech: could not find zone for domain %q (%s): %w", domain, authZone, err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("hosttech: %w", err)
 	}
@ -121,7 +121,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.Record{
 		Type: "TXT",
 		Name: subDomain,
-		Text: value,
+		Text: info.Value,
 		TTL:  d.config.TTL,
 	}
@ -139,9 +139,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("hosttech: could not determine zone for domain %q: %w", domain, err)
 	}
@ -156,7 +156,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("hosttech: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("hosttech: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	err = d.client.DeleteRecord(strconv.Itoa(zone.ID), strconv.Itoa(recordID))
--- a/providers/dns/httpreq/httpreq.go
+++ b/providers/dns/httpreq/httpreq.go
@ -122,10 +122,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return nil
 	}
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	msg := &message{
-		FQDN:  fqdn,
+		FQDN:  info.EffectiveFQDN,
-		Value: value,
+		Value: info.Value,
 	}
 	err := d.doPost("/present", msg)
@ -151,10 +151,10 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return nil
 	}
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	msg := &message{
-		FQDN:  fqdn,
+		FQDN:  info.EffectiveFQDN,
-		Value: value,
+		Value: info.Value,
 	}
 	err := d.doPost("/cleanup", msg)
--- a/providers/dns/hurricane/hurricane.go
+++ b/providers/dns/hurricane/hurricane.go
@ -86,9 +86,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present updates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, txtRecord := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.client.UpdateTxtRecord(context.Background(), dns01.UnFqdn(fqdn), txtRecord)
+	err := d.client.UpdateTxtRecord(context.Background(), dns01.UnFqdn(info.EffectiveFQDN), info.Value)
 	if err != nil {
 		return fmt.Errorf("hurricane: %w", err)
 	}
@ -98,9 +98,9 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp updates the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.client.UpdateTxtRecord(context.Background(), dns01.UnFqdn(fqdn), ".")
+	err := d.client.UpdateTxtRecord(context.Background(), dns01.UnFqdn(info.EffectiveFQDN), ".")
 	if err != nil {
 		return fmt.Errorf("hurricane: %w", err)
 	}
--- a/providers/dns/hyperone/hyperone.go
+++ b/providers/dns/hyperone/hyperone.go
@ -103,30 +103,30 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hyperone: failed to get zone for fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("hyperone: failed to get zone for fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
-	recordset, err := d.client.FindRecordset(zone.ID, "TXT", fqdn)
+	recordset, err := d.client.FindRecordset(zone.ID, "TXT", info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s: %w", fqdn, zone.ID, err)
+		return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s: %w", info.EffectiveFQDN, zone.ID, err)
 	}
 	if recordset == nil {
-		_, err = d.client.CreateRecordset(zone.ID, "TXT", fqdn, value, d.config.TTL)
+		_, err = d.client.CreateRecordset(zone.ID, "TXT", info.EffectiveFQDN, info.Value, d.config.TTL)
 		if err != nil {
-			return fmt.Errorf("hyperone: failed to create recordset: fqdn=%s, zone ID=%s, value=%s: %w", fqdn, zone.ID, value, err)
+			return fmt.Errorf("hyperone: failed to create recordset: fqdn=%s, zone ID=%s, value=%s: %w", info.EffectiveFQDN, zone.ID, info.Value, err)
 		}
 		return nil
 	}
-	_, err = d.client.CreateRecord(zone.ID, recordset.ID, value)
+	_, err = d.client.CreateRecord(zone.ID, recordset.ID, info.Value)
 	if err != nil {
-		return fmt.Errorf("hyperone: failed to create record: fqdn=%s, zone ID=%s, recordset ID=%s: %w", fqdn, zone.ID, recordset.ID, err)
+		return fmt.Errorf("hyperone: failed to create record: fqdn=%s, zone ID=%s, recordset ID=%s: %w", info.EffectiveFQDN, zone.ID, recordset.ID, err)
 	}
 	return nil
@ -135,52 +135,51 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters and recordset if no other records are remaining.
 // There is a small possibility that race will cause to delete recordset with records for other DNS Challenges.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hyperone: failed to get zone for fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("hyperone: failed to get zone for fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
-	recordset, err := d.client.FindRecordset(zone.ID, "TXT", fqdn)
+	recordset, err := d.client.FindRecordset(zone.ID, "TXT", info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s: %w", fqdn, zone.ID, err)
+		return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s: %w", info.EffectiveFQDN, zone.ID, err)
 	}
 	if recordset == nil {
-		return fmt.Errorf("hyperone: recordset to remove not found: fqdn=%s", fqdn)
+		return fmt.Errorf("hyperone: recordset to remove not found: fqdn=%s", info.EffectiveFQDN)
 	}
 	records, err := d.client.GetRecords(zone.ID, recordset.ID)
 	if err != nil {
 		return fmt.Errorf("hyperone: %w", err)
 	}
 	if len(records) == 1 {
-		if records[0].Content != value {
+		if records[0].Content != info.Value {
-			return fmt.Errorf("hyperone: record with content %s not found: fqdn=%s", value, fqdn)
+			return fmt.Errorf("hyperone: record with content %s not found: fqdn=%s", info.Value, info.EffectiveFQDN)
 		}
 		err = d.client.DeleteRecordset(zone.ID, recordset.ID)
 		if err != nil {
-			return fmt.Errorf("hyperone: failed to delete record: fqdn=%s, zone ID=%s, recordset ID=%s: %w", fqdn, zone.ID, recordset.ID, err)
+			return fmt.Errorf("hyperone: failed to delete record: fqdn=%s, zone ID=%s, recordset ID=%s: %w", info.EffectiveFQDN, zone.ID, recordset.ID, err)
 		}
 		return nil
 	}
 	for _, record := range records {
-		if record.Content == value {
+		if record.Content == info.Value {
 			err = d.client.DeleteRecord(zone.ID, recordset.ID, record.ID)
 			if err != nil {
-				return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s, recordset ID=%s, record ID=%s: %w", fqdn, zone.ID, recordset.ID, record.ID, err)
+				return fmt.Errorf("hyperone: fqdn=%s, zone ID=%s, recordset ID=%s, record ID=%s: %w", info.EffectiveFQDN, zone.ID, recordset.ID, record.ID, err)
 			}
 			return nil
 		}
 	}
-	return fmt.Errorf("hyperone: fqdn=%s, failed to find record with given value", fqdn)
+	return fmt.Errorf("hyperone: fqdn=%s, failed to find record with given value", info.EffectiveFQDN)
 }
 // getHostedZone gets the hosted zone.
--- a/providers/dns/ibmcloud/ibmcloud.go
+++ b/providers/dns/ibmcloud/ibmcloud.go
@ -106,10 +106,10 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	err := d.wrapper.AddTXTRecord(fqdn, domain, value, d.config.TTL)
+	err := d.wrapper.AddTXTRecord(info.EffectiveFQDN, domain, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("ibmcloud: %w", err)
 	}
@ -119,10 +119,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	err := d.wrapper.CleanupTXTRecord(fqdn, domain)
+	err := d.wrapper.CleanupTXTRecord(info.EffectiveFQDN, domain)
 	if err != nil {
 		return fmt.Errorf("ibmcloud: %w", err)
 	}
--- a/providers/dns/iij/iij.go
+++ b/providers/dns/iij/iij.go
@ -87,9 +87,10 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	_, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.addTxtRecord(domain, value)
+	// TODO(ldez) replace domain by FQDN to follow CNAME.
 	err := d.addTxtRecord(domain, info.Value)
 	if err != nil {
 		return fmt.Errorf("iij: %w", err)
 	}
@ -98,10 +99,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	_, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	err := d.deleteTxtRecord(domain, value)
+	err := d.deleteTxtRecord(domain, info.Value)
 	if err != nil {
 		return fmt.Errorf("iij: %w", err)
 	}
--- a/providers/dns/iijdpf/iijdpf.go
+++ b/providers/dns/iijdpf/iijdpf.go
@ -98,14 +98,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	zoneID, err := dpfapiutils.GetZoneIdFromServiceCode(ctx, d.client, d.config.ServiceCode)
 	if err != nil {
 		return fmt.Errorf("iijdpf: failed to get zone id: %w", err)
 	}
-	err = d.addTxtRecord(ctx, zoneID, dns.CanonicalName(fqdn), `"`+value+`"`)
+	err = d.addTxtRecord(ctx, zoneID, dns.CanonicalName(info.EffectiveFQDN), `"`+info.Value+`"`)
 	if err != nil {
 		return fmt.Errorf("iijdpf: %w", err)
 	}
@ -122,14 +122,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	ctx := context.Background()
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	zoneID, err := dpfapiutils.GetZoneIdFromServiceCode(ctx, d.client, d.config.ServiceCode)
 	if err != nil {
 		return fmt.Errorf("iijdpf: failed to get zone id: %w", err)
 	}
-	err = d.deleteTxtRecord(ctx, zoneID, dns.CanonicalName(fqdn), `"`+value+`"`)
+	err = d.deleteTxtRecord(ctx, zoneID, dns.CanonicalName(info.EffectiveFQDN), `"`+info.Value+`"`)
 	if err != nil {
 		return fmt.Errorf("iijdpf: %w", err)
 	}
--- a/providers/dns/infoblox/infoblox.go
+++ b/providers/dns/infoblox/infoblox.go
@ -142,7 +142,7 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	connector, err := infoblox.NewConnector(d.ibConfig, d.transportConfig, &infoblox.WapiRequestBuilder{}, &infoblox.WapiHttpRequestor{})
 	if err != nil {
@ -153,7 +153,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	objectManager := infoblox.NewObjectManager(connector, defaultUserAgent, "")
-	record, err := objectManager.CreateTXTRecord(dns01.UnFqdn(fqdn), value, uint(d.config.TTL), d.config.DNSView)
+	record, err := objectManager.CreateTXTRecord(dns01.UnFqdn(info.EffectiveFQDN), info.Value, uint(d.config.TTL), d.config.DNSView)
 	if err != nil {
 		return fmt.Errorf("infoblox: could not create TXT record for %s: %w", domain, err)
 	}
@ -167,7 +167,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	connector, err := infoblox.NewConnector(d.ibConfig, d.transportConfig, &infoblox.WapiRequestBuilder{}, &infoblox.WapiHttpRequestor{})
 	if err != nil {
@ -183,7 +183,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordRef, ok := d.recordRefs[token]
 	d.recordRefsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("infoblox: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("infoblox: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	_, err = objectManager.DeleteTXTRecord(recordRef)
--- a/providers/dns/infomaniak/infomaniak.go
+++ b/providers/dns/infomaniak/infomaniak.go
@ -110,25 +110,25 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	ikDomain, err := d.client.GetDomainByName(dns01.UnFqdn(fqdn))
+	ikDomain, err := d.client.GetDomainByName(dns01.UnFqdn(info.EffectiveFQDN))
 	if err != nil {
-		return fmt.Errorf("infomaniak: could not get domain %q: %w", fqdn, err)
+		return fmt.Errorf("infomaniak: could not get domain %q: %w", info.EffectiveFQDN, err)
 	}
 	d.domainIDsMu.Lock()
 	d.domainIDs[token] = ikDomain.ID
 	d.domainIDsMu.Unlock()
-	subDomain, err := dns01.ExtractSubDomain(fqdn, ikDomain.CustomerName)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, ikDomain.CustomerName)
 	if err != nil {
 		return fmt.Errorf("infomaniak: %w", err)
 	}
 	record := internal.Record{
 		Source: subDomain,
-		Target: value,
+		Target: info.Value,
 		Type:   "TXT",
 		TTL:    d.config.TTL,
 	}
@ -147,14 +147,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	d.recordIDsMu.Lock()
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("infomaniak: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("infomaniak: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
 	d.domainIDsMu.Lock()
@ -162,12 +162,12 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	d.domainIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("infomaniak: unknown domain ID for '%s'", fqdn)
+		return fmt.Errorf("infomaniak: unknown domain ID for '%s'", info.EffectiveFQDN)
 	}
 	err := d.client.DeleteDNSRecord(domainID, recordID)
 	if err != nil {
-		return fmt.Errorf("infomaniak: could not delete record %q: %w", dns01.UnFqdn(fqdn), err)
+		return fmt.Errorf("infomaniak: could not delete record %q: %w", dns01.UnFqdn(info.EffectiveFQDN), err)
 	}
 	// Delete record ID from map
--- a/providers/dns/internetbs/internetbs.go
+++ b/providers/dns/internetbs/internetbs.go
@ -98,12 +98,12 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	query := internal.RecordQuery{
-		FullRecordName: dns01.UnFqdn(fqdn),
+		FullRecordName: dns01.UnFqdn(info.EffectiveFQDN),
 		Type:           "TXT",
-		Value:          value,
+		Value:          info.Value,
 		TTL:            d.config.TTL,
 	}
@ -117,12 +117,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	query := internal.RecordQuery{
-		FullRecordName: dns01.UnFqdn(fqdn),
+		FullRecordName: dns01.UnFqdn(info.EffectiveFQDN),
 		Type:           "TXT",
-		Value:          value,
+		Value:          info.Value,
 		TTL:            d.config.TTL,
 	}
--- a/providers/dns/inwx/inwx.go
+++ b/providers/dns/inwx/inwx.go
@ -93,9 +93,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	challengeInfo := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(challengeInfo.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("inwx: %w", err)
 	}
@ -119,9 +119,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	request := &goinwx.NameserverRecordRequest{
 		Domain:  dns01.UnFqdn(authZone),
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(challengeInfo.EffectiveFQDN),
 		Type:    "TXT",
-		Content: value,
+		Content: challengeInfo.Value,
 		TTL:     d.config.TTL,
 	}
@ -143,9 +143,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	challengeInfo := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(challengeInfo.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("inwx: %w", err)
 	}
@ -169,7 +169,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	response, err := d.client.Nameservers.Info(&goinwx.NameserverInfoRequest{
 		Domain: dns01.UnFqdn(authZone),
-		Name:   dns01.UnFqdn(fqdn),
+		Name:   dns01.UnFqdn(challengeInfo.EffectiveFQDN),
 		Type:   "TXT",
 	})
 	if err != nil {
--- a/providers/dns/ionos/ionos.go
+++ b/providers/dns/ionos/ionos.go
@ -106,7 +106,7 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	ctx := context.Background()
@ -122,7 +122,7 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 	}
 	filter := &internal.RecordsFilter{
-		Suffix:     dns01.UnFqdn(fqdn),
+		Suffix:     dns01.UnFqdn(info.EffectiveFQDN),
 		RecordType: "TXT",
 	}
@ -132,8 +132,8 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 	}
 	records = append(records, internal.Record{
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(info.EffectiveFQDN),
-		Content: value,
+		Content: info.Value,
 		TTL:     d.config.TTL,
 		Type:    "TXT",
 	})
@ -148,7 +148,7 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	ctx := context.Background()
@ -164,7 +164,7 @@ func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
 	}
 	filter := &internal.RecordsFilter{
-		Suffix:     dns01.UnFqdn(fqdn),
+		Suffix:     dns01.UnFqdn(info.EffectiveFQDN),
 		RecordType: "TXT",
 	}
@ -174,7 +174,7 @@ func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
 	}
 	for _, record := range records {
-		if record.Name == dns01.UnFqdn(fqdn) && record.Content == value {
+		if record.Name == dns01.UnFqdn(info.EffectiveFQDN) && record.Content == info.Value {
 			err := d.client.RemoveRecord(ctx, zone.ID, record.ID)
 			if err != nil {
 				return fmt.Errorf("ionos: failed to remove record (zone=%s, record=%s): %w", zone.ID, record.ID, err)
--- a/providers/dns/iwantmyname/iwantmyname.go
+++ b/providers/dns/iwantmyname/iwantmyname.go
@ -99,12 +99,12 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, _, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	record := internal.Record{
-		Hostname: dns01.UnFqdn(fqdn),
+		Hostname: dns01.UnFqdn(info.EffectiveFQDN),
 		Type:     "TXT",
-		Value:    value,
+		Value:    info.Value,
 		TTL:      d.config.TTL,
 	}
@ -118,10 +118,10 @@ func (d *DNSProvider) Present(domain, _, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	record := internal.Record{
-		Hostname: dns01.UnFqdn(fqdn),
+		Hostname: dns01.UnFqdn(info.EffectiveFQDN),
 		Type:     "TXT",
 		Value:    "delete",
 		TTL:      d.config.TTL,
--- a/providers/dns/joker/provider_dmapi.go
+++ b/providers/dns/joker/provider_dmapi.go
@ -73,20 +73,20 @@ func (d *dmapiProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *dmapiProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
 	if d.config.Debug {
-		log.Infof("[%s] joker: adding TXT record %q to zone %q with value %q", domain, subDomain, zone, value)
+		log.Infof("[%s] joker: adding TXT record %q to zone %q with value %q", domain, subDomain, zone, info.Value)
 	}
 	response, err := d.client.Login()
@ -99,7 +99,7 @@ func (d *dmapiProvider) Present(domain, token, keyAuth string) error {
 		return formatResponseError(response, err)
 	}
-	dnsZone := dmapi.AddTxtEntryToZone(response.Body, subDomain, value, d.config.TTL)
+	dnsZone := dmapi.AddTxtEntryToZone(response.Body, subDomain, info.Value, d.config.TTL)
 	response, err = d.client.PutZone(zone, dnsZone)
 	if err != nil || response.StatusCode != 0 {
@ -111,14 +111,14 @@ func (d *dmapiProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *dmapiProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
--- a/providers/dns/joker/provider_svc.go
+++ b/providers/dns/joker/provider_svc.go
@ -54,31 +54,31 @@ func (d *svcProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *svcProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
-	return d.client.Send(dns01.UnFqdn(zone), subDomain, value)
+	return d.client.Send(dns01.UnFqdn(zone), subDomain, info.Value)
 }
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *svcProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, zone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zone)
 	if err != nil {
 		return fmt.Errorf("joker: %w", err)
 	}
--- a/providers/dns/liara/liara.go
+++ b/providers/dns/liara/liara.go
@ -120,14 +120,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("liara: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("liara: %w", err)
 	}
@ -135,12 +135,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.Record{
 		Type:     "TXT",
 		Name:     subDomain,
-		Contents: []internal.Content{{Text: value}},
+		Contents: []internal.Content{{Text: info.Value}},
 		TTL:      d.config.TTL,
 	}
 	newRecord, err := d.client.CreateRecord(dns01.UnFqdn(authZone), record)
 	if err != nil {
-		return fmt.Errorf("liara: failed to create TXT record, fqdn=%s: %w", fqdn, err)
+		return fmt.Errorf("liara: failed to create TXT record, fqdn=%s: %w", info.EffectiveFQDN, err)
 	}
 	d.recordIDsMu.Lock()
@ -152,9 +152,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("liara: %w", err)
 	}
@ -164,7 +164,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("liara: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("liara: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	err = d.client.DeleteRecord(dns01.UnFqdn(authZone), recordID)
--- a/providers/dns/lightsail/lightsail.go
+++ b/providers/dns/lightsail/lightsail.go
@ -119,13 +119,13 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	params := &lightsail.CreateDomainEntryInput{
 		DomainName: aws.String(d.config.DNSZone),
 		DomainEntry: &lightsail.DomainEntry{
-			Name:   aws.String(fqdn),
+			Name:   aws.String(info.EffectiveFQDN),
-			Target: aws.String(strconv.Quote(value)),
+			Target: aws.String(strconv.Quote(info.Value)),
 			Type:   aws.String("TXT"),
 		},
 	}
@ -140,14 +140,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	params := &lightsail.DeleteDomainEntryInput{
 		DomainName: aws.String(d.config.DNSZone),
 		DomainEntry: &lightsail.DomainEntry{
-			Name:   aws.String(fqdn),
+			Name:   aws.String(info.EffectiveFQDN),
 			Type:   aws.String("TXT"),
-			Target: aws.String(strconv.Quote(value)),
+			Target: aws.String(strconv.Quote(info.Value)),
 		},
 	}
--- a/providers/dns/linode/linode.go
+++ b/providers/dns/linode/linode.go
@ -130,16 +130,16 @@ func (d *DNSProvider) Timeout() (time.Duration, time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneInfo(fqdn)
+	zone, err := d.getHostedZoneInfo(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
 	createOpts := linodego.DomainRecordCreateOptions{
-		Name:   dns01.UnFqdn(fqdn),
+		Name:   dns01.UnFqdn(info.EffectiveFQDN),
-		Target: value,
+		Target: info.Value,
 		TTLSec: d.config.TTL,
 		Type:   linodego.RecordTypeTXT,
 	}
@ -150,9 +150,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZoneInfo(fqdn)
+	zone, err := d.getHostedZoneInfo(info.EffectiveFQDN)
 	if err != nil {
 		return err
 	}
@ -166,8 +166,8 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	// Remove the specified resource, if it exists.
 	for _, resource := range resources {
-		if (resource.Name == dns01.UnFqdn(fqdn) || resource.Name == zone.resourceName) &&
+		if (resource.Name == dns01.UnFqdn(info.EffectiveFQDN) || resource.Name == zone.resourceName) &&
-			resource.Target == value {
+			resource.Target == info.Value {
 			if err := d.client.DeleteDomainRecord(context.Background(), zone.domainID, resource.ID); err != nil {
 				return err
 			}
--- a/providers/dns/liquidweb/liquidweb.go
+++ b/providers/dns/liquidweb/liquidweb.go
@ -123,11 +123,11 @@ func (d *DNSProvider) Timeout() (time.Duration, time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	params := &network.DNSRecordParams{
-		Name:  dns01.UnFqdn(fqdn),
+		Name:  dns01.UnFqdn(info.EffectiveFQDN),
-		RData: strconv.Quote(value),
+		RData: strconv.Quote(info.Value),
 		Type:  "TXT",
 		Zone:  d.config.Zone,
 		TTL:   d.config.TTL,
--- a/providers/dns/loopia/loopia.go
+++ b/providers/dns/loopia/loopia.go
@ -128,14 +128,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	subDomain, authZone, err := d.splitDomain(fqdn)
+	subDomain, authZone, err := d.splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("loopia: %w", err)
 	}
-	err = d.client.AddTXTRecord(authZone, subDomain, d.config.TTL, value)
+	err = d.client.AddTXTRecord(authZone, subDomain, d.config.TTL, info.Value)
 	if err != nil {
 		return fmt.Errorf("loopia: failed to add TXT record: %w", err)
 	}
@ -149,7 +149,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	defer d.inProgressMu.Unlock()
 	for _, r := range txtRecords {
-		if r.Rdata == value {
+		if r.Rdata == info.Value {
 			d.inProgressInfo[token] = r.RecordID
 			return nil
 		}
@ -160,9 +160,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	subDomain, authZone, err := d.splitDomain(fqdn)
+	subDomain, authZone, err := d.splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("loopia: %w", err)
 	}
--- a/providers/dns/luadns/luadns.go
+++ b/providers/dns/luadns/luadns.go
@ -112,14 +112,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	zones, err := d.client.ListZones()
 	if err != nil {
 		return fmt.Errorf("luadns: failed to get zones: %w", err)
 	}
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("luadns: failed to find zone: %w", err)
 	}
@ -130,9 +130,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	newRecord := internal.DNSRecord{
-		Name:    fqdn,
+		Name:    info.EffectiveFQDN,
 		Type:    "TXT",
-		Content: value,
+		Content: info.Value,
 		TTL:     d.config.TTL,
 	}
@ -150,14 +150,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	d.recordsMu.Lock()
 	record, ok := d.records[token]
 	d.recordsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("luadns: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("luadns: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
 	err := d.client.DeleteRecord(record)
--- a/providers/dns/mydnsjp/mydnsjp.go
+++ b/providers/dns/mydnsjp/mydnsjp.go
@ -86,10 +86,10 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	_, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	err := d.doRequest(domain, value, "REGIST")
+	err := d.doRequest(domain, info.Value, "REGIST")
 	if err != nil {
 		return fmt.Errorf("mydnsjp: %w", err)
 	}
@ -98,10 +98,10 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	_, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
-	err := d.doRequest(domain, value, "DELETE")
+	err := d.doRequest(domain, info.Value, "DELETE")
 	if err != nil {
 		return fmt.Errorf("mydnsjp: %w", err)
 	}
--- a/providers/dns/mythicbeasts/mythicbeasts.go
+++ b/providers/dns/mythicbeasts/mythicbeasts.go
@ -107,14 +107,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
@ -126,7 +126,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
-	err = d.createTXTRecord(authZone, subDomain, value)
+	err = d.createTXTRecord(authZone, subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
@ -136,14 +136,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
@ -155,7 +155,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
-	err = d.removeTXTRecord(authZone, subDomain, value)
+	err = d.removeTXTRecord(authZone, subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("mythicbeasts: %w", err)
 	}
--- a/providers/dns/namecheap/namecheap.go
+++ b/providers/dns/namecheap/namecheap.go
@ -251,13 +251,13 @@ func newChallenge(domain, keyAuth string) (*challenge, error) {
 		host = strings.Join(parts[:longest-1], ".")
 	}
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	return &challenge{
 		domain:   domain,
 		key:      "_acme-challenge." + host,
-		keyFqdn:  fqdn,
+		keyFqdn:  info.EffectiveFQDN,
-		keyValue: value,
+		keyValue: info.Value,
 		tld:      tld,
 		sld:      sld,
 		host:     host,
--- a/providers/dns/namedotcom/namedotcom.go
+++ b/providers/dns/namedotcom/namedotcom.go
@ -105,7 +105,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
 	domainDetails, err := d.client.GetDomain(&namecom.GetDomainRequest{DomainName: domain})
@ -113,7 +113,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("namedotcom: API call failed: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, domainDetails.DomainName)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, domainDetails.DomainName)
 	if err != nil {
 		return fmt.Errorf("namedotcom: %w", err)
 	}
@ -124,7 +124,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		Host:       subDomain,
 		Type:       "TXT",
 		TTL:        uint32(d.config.TTL),
-		Answer:     value,
+		Answer:     info.Value,
 	}
 	_, err = d.client.CreateRecord(request)
@ -137,7 +137,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
 	records, err := d.getRecords(domain)
@ -146,7 +146,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	}
 	for _, rec := range records {
-		if rec.Fqdn == fqdn && rec.Type == "TXT" {
+		if rec.Fqdn == info.EffectiveFQDN && rec.Type == "TXT" {
 			// TODO(ldez) replace domain by FQDN to follow CNAME.
 			request := &namecom.DeleteRecordRequest{
 				DomainName: domain,
--- a/providers/dns/namesilo/namesilo.go
+++ b/providers/dns/namesilo/namesilo.go
@ -86,14 +86,14 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := getZoneNameByDomain(fqdn)
+	zoneName, err := getZoneNameByDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("namesilo: %w", err)
 	}
-	subdomain, err := dns01.ExtractSubDomain(fqdn, zoneName)
+	subdomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zoneName)
 	if err != nil {
 		return fmt.Errorf("namesilo: %w", err)
 	}
@ -107,7 +107,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		Domain: zoneName,
 		Type:   "TXT",
 		Host:   subdomain,
-		Value:  value,
+		Value:  info.Value,
 		TTL:    d.config.TTL,
 	})
 	if err != nil {
@ -118,9 +118,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, err := getZoneNameByDomain(fqdn)
+	zoneName, err := getZoneNameByDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("namesilo: %w", err)
 	}
@ -130,14 +130,14 @@ func (d *DNSProvider) CleanUp(domain, _, keyAuth string) error {
 		return fmt.Errorf("namesilo: %w", err)
 	}
-	subdomain, err := dns01.ExtractSubDomain(fqdn, zoneName)
+	subdomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, zoneName)
 	if err != nil {
 		return fmt.Errorf("namesilo: %w", err)
 	}
 	var lastErr error
 	for _, r := range resp.Reply.ResourceRecord {
-		if r.Type == "TXT" && (r.Host == subdomain || r.Host == dns01.UnFqdn(fqdn)) {
+		if r.Type == "TXT" && (r.Host == subdomain || r.Host == dns01.UnFqdn(info.EffectiveFQDN)) {
 			_, err := d.client.DnsDeleteRecord(&namesilo.DnsDeleteRecordParams{Domain: zoneName, ID: r.RecordID})
 			if err != nil {
 				lastErr = fmt.Errorf("namesilo: %w", err)
--- a/providers/dns/nearlyfreespeech/nearlyfreespeech.go
+++ b/providers/dns/nearlyfreespeech/nearlyfreespeech.go
@ -108,14 +108,14 @@ func (d *DNSProvider) Sequential() time.Duration {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("nearlyfreespeech: %w", err)
 	}
@ -123,7 +123,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.Record{
 		Name: recordName,
 		Type: "TXT",
-		Data: value,
+		Data: info.Value,
 		TTL:  d.config.TTL,
 	}
@ -137,14 +137,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("nearlyfreespeech: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
-	recordName, err := dns01.ExtractSubDomain(fqdn, authZone)
+	recordName, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("nearlyfreespeech: %w", err)
 	}
@ -152,7 +152,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	record := internal.Record{
 		Name: recordName,
 		Type: "TXT",
-		Data: value,
+		Data: info.Value,
 	}
 	err = d.client.RemoveRecord(domain, record)
--- a/providers/dns/netcup/internal/client_test.go
+++ b/providers/dns/netcup/internal/client_test.go
@ -546,9 +546,9 @@ func TestLiveClientGetDnsRecords(t *testing.T) {
 	sessionID, err := client.Login()
 	require.NoError(t, err)
-	fqdn, _ := dns01.GetRecord(envTest.GetDomain(), "123d==")
+	info := dns01.GetChallengeInfo(envTest.GetDomain(), "123d==")
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	require.NoError(t, err, "error finding DNSZone")
 	zone = dns01.UnFqdn(zone)
@ -579,12 +579,12 @@ func TestLiveClientUpdateDnsRecord(t *testing.T) {
 	sessionID, err := client.Login()
 	require.NoError(t, err)
-	fqdn, _ := dns01.GetRecord(envTest.GetDomain(), "123d==")
+	info := dns01.GetChallengeInfo(envTest.GetDomain(), "123d==")
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	require.NoError(t, err, fmt.Errorf("error finding DNSZone, %w", err))
-	hostname := strings.Replace(fqdn, "."+zone, "", 1)
+	hostname := strings.Replace(info.EffectiveFQDN, "."+zone, "", 1)
 	record := DNSRecord{
 		Hostname:     hostname,
--- a/providers/dns/netcup/netcup.go
+++ b/providers/dns/netcup/netcup.go
@ -92,9 +92,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("netcup: failed to find DNSZone, %w", err)
 	}
@ -111,11 +111,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		}
 	}()
-	hostname := strings.Replace(fqdn, "."+zone, "", 1)
+	hostname := strings.Replace(info.EffectiveFQDN, "."+zone, "", 1)
 	record := internal.DNSRecord{
 		Hostname:    hostname,
 		RecordType:  "TXT",
-		Destination: value,
+		Destination: info.Value,
 		TTL:         d.config.TTL,
 	}
@ -139,9 +139,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("netcup: failed to find DNSZone, %w", err)
 	}
@ -158,7 +158,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		}
 	}()
-	hostname := strings.Replace(fqdn, "."+zone, "", 1)
+	hostname := strings.Replace(info.EffectiveFQDN, "."+zone, "", 1)
 	zone = dns01.UnFqdn(zone)
@ -170,7 +170,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	record := internal.DNSRecord{
 		Hostname:    hostname,
 		RecordType:  "TXT",
-		Destination: value,
+		Destination: info.Value,
 	}
 	idx, err := internal.GetDNSRecordIdx(records, record)
--- a/providers/dns/netcup/netcup_test.go
+++ b/providers/dns/netcup/netcup_test.go
@ -161,9 +161,9 @@ func TestLivePresentAndCleanup(t *testing.T) {
 	p, err := NewDNSProvider()
 	require.NoError(t, err)
-	fqdn, _ := dns01.GetRecord(envTest.GetDomain(), "123d==")
+	info := dns01.GetChallengeInfo(envTest.GetDomain(), "123d==")
-	zone, err := dns01.FindZoneByFqdn(fqdn)
+	zone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	require.NoError(t, err, "error finding DNSZone")
 	zone = dns01.UnFqdn(zone)
--- a/providers/dns/netlify/netlify.go
+++ b/providers/dns/netlify/netlify.go
@ -101,9 +101,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("netlify: failed to find zone: %w", err)
 	}
@ -111,15 +111,15 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	authZone = dns01.UnFqdn(authZone)
 	record := internal.DNSRecord{
-		Hostname: dns01.UnFqdn(fqdn),
+		Hostname: dns01.UnFqdn(info.EffectiveFQDN),
 		TTL:      d.config.TTL,
 		Type:     "TXT",
-		Value:    value,
+		Value:    info.Value,
 	}
 	resp, err := d.client.CreateRecord(strings.ReplaceAll(authZone, ".", "_"), record)
 	if err != nil {
-		return fmt.Errorf("netlify: failed to create TXT records: fqdn=%s, authZone=%s: %w", fqdn, authZone, err)
+		return fmt.Errorf("netlify: failed to create TXT records: fqdn=%s, authZone=%s: %w", info.EffectiveFQDN, authZone, err)
 	}
 	d.recordIDsMu.Lock()
@ -131,9 +131,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("netlify: failed to find zone: %w", err)
 	}
@ -145,12 +145,12 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("netlify: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("netlify: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	err = d.client.RemoveRecord(strings.ReplaceAll(authZone, ".", "_"), recordID)
 	if err != nil {
-		return fmt.Errorf("netlify: failed to delete TXT records: fqdn=%s, authZone=%s, recordID=%s: %w", fqdn, authZone, recordID, err)
+		return fmt.Errorf("netlify: failed to delete TXT records: fqdn=%s, authZone=%s, recordID=%s: %w", info.EffectiveFQDN, authZone, recordID, err)
 	}
 	// deletes record ID from map
--- a/providers/dns/nicmanager/nicmanager.go
+++ b/providers/dns/nicmanager/nicmanager.go
@ -135,11 +135,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, err := dns01.FindZoneByFqdn(fqdn)
+	rootDomain, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nicmanager: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("nicmanager: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
 	zone, err := d.client.GetZone(dns01.UnFqdn(rootDomain))
@ -150,15 +150,15 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	// The way nic manager deals with record with multiple values is that they are completely different records with unique ids
 	// Hence we don't check for an existing record here, but rather just create one
 	record := internal.RecordCreateUpdate{
-		Name:  fqdn,
+		Name:  info.EffectiveFQDN,
 		Type:  "TXT",
 		TTL:   d.config.TTL,
-		Value: value,
+		Value: info.Value,
 	}
 	err = d.client.AddRecord(zone.Name, record)
 	if err != nil {
-		return fmt.Errorf("nicmanager: failed to create record [zone: %q, fqdn: %q]: %w", zone.Name, fqdn, err)
+		return fmt.Errorf("nicmanager: failed to create record [zone: %q, fqdn: %q]: %w", zone.Name, info.EffectiveFQDN, err)
 	}
 	return nil
@ -166,11 +166,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, err := dns01.FindZoneByFqdn(fqdn)
+	rootDomain, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nicmanager: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("nicmanager: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
 	zone, err := d.client.GetZone(dns01.UnFqdn(rootDomain))
@ -178,12 +178,12 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("nicmanager: failed to get zone %q: %w", rootDomain, err)
 	}
-	name := dns01.UnFqdn(fqdn)
+	name := dns01.UnFqdn(info.EffectiveFQDN)
 	var existingRecord internal.Record
 	var existingRecordFound bool
 	for _, record := range zone.Records {
-		if strings.EqualFold(record.Type, "TXT") && strings.EqualFold(record.Name, name) && record.Content == value {
+		if strings.EqualFold(record.Type, "TXT") && strings.EqualFold(record.Name, name) && record.Content == info.Value {
 			existingRecord = record
 			existingRecordFound = true
 		}
--- a/providers/dns/nifcloud/nifcloud.go
+++ b/providers/dns/nifcloud/nifcloud.go
@ -97,9 +97,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.changeRecord("CREATE", fqdn, value, d.config.TTL)
+	err := d.changeRecord("CREATE", info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("nifcloud: %w", err)
 	}
@ -108,9 +108,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.changeRecord("DELETE", fqdn, value, d.config.TTL)
+	err := d.changeRecord("DELETE", info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("nifcloud: %w", err)
 	}
--- a/providers/dns/njalla/njalla.go
+++ b/providers/dns/njalla/njalla.go
@ -101,9 +101,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, subDomain, err := splitDomain(fqdn)
+	rootDomain, subDomain, err := splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("njalla: %w", err)
 	}
@ -111,7 +111,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := internal.Record{
 		Name:    subDomain,                // TODO need to be tested
 		Domain:  dns01.UnFqdn(rootDomain), // TODO need to be tested
-		Content: value,
+		Content: info.Value,
 		TTL:     d.config.TTL,
 		Type:    "TXT",
 	}
@ -130,9 +130,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	rootDomain, _, err := splitDomain(fqdn)
+	rootDomain, _, err := splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("njalla: %w", err)
 	}
@ -142,12 +142,12 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("njalla: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("njalla: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	err = d.client.RemoveRecord(recordID, dns01.UnFqdn(rootDomain))
 	if err != nil {
-		return fmt.Errorf("njalla: failed to delete TXT records: fqdn=%s, recordID=%s: %w", fqdn, recordID, err)
+		return fmt.Errorf("njalla: failed to delete TXT records: fqdn=%s, recordID=%s: %w", info.EffectiveFQDN, recordID, err)
 	}
 	// deletes record ID from map
--- a/providers/dns/nodion/nodion.go
+++ b/providers/dns/nodion/nodion.go
@ -105,14 +105,14 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nodion: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("nodion: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("nodion: %w", err)
 	}
@ -137,7 +137,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := nodion.Record{
 		RecordType: nodion.TypeTXT,
 		Name:       subDomain,
-		Content:    value,
+		Content:    info.Value,
 		TTL:        d.config.TTL,
 	}
@ -156,21 +156,21 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("nodion: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("nodion: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
 	d.zoneIDsMu.Lock()
 	zoneID, ok := d.zoneIDs[token]
 	d.zoneIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("nodion: unknown zone ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("nodion: unknown zone ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("nodion: %w", err)
 	}
@ -180,7 +180,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	filter := &nodion.RecordsFilter{
 		Name:       subDomain,
 		RecordType: nodion.TypeTXT,
-		Content:    value,
+		Content:    info.Value,
 	}
 	records, err := d.client.GetRecords(ctx, zoneID, filter)
@ -193,7 +193,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	}
 	if len(records) > 1 {
-		return fmt.Errorf("nodion: too many possible records for the domain %s: %v", fqdn, records)
+		return fmt.Errorf("nodion: too many possible records for the domain %s: %v", info.EffectiveFQDN, records)
 	}
 	_, err = d.client.DeleteRecord(ctx, zoneID, records[0].ID)
--- a/providers/dns/ns1/ns1.go
+++ b/providers/dns/ns1/ns1.go
@ -84,26 +84,26 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("ns1: %w", err)
 	}
-	record, _, err := d.client.Records.Get(zone.Zone, dns01.UnFqdn(fqdn), "TXT")
+	record, _, err := d.client.Records.Get(zone.Zone, dns01.UnFqdn(info.EffectiveFQDN), "TXT")
 	// Create a new record
 	if errors.Is(err, rest.ErrRecordMissing) || record == nil {
-		log.Infof("Create a new record for [zone: %s, fqdn: %s, domain: %s]", zone.Zone, fqdn, domain)
+		log.Infof("Create a new record for [zone: %s, fqdn: %s, domain: %s]", zone.Zone, info.EffectiveFQDN, domain)
-		record = dns.NewRecord(zone.Zone, dns01.UnFqdn(fqdn), "TXT")
+		record = dns.NewRecord(zone.Zone, dns01.UnFqdn(info.EffectiveFQDN), "TXT")
 		record.TTL = d.config.TTL
-		record.Answers = []*dns.Answer{{Rdata: []string{value}}}
+		record.Answers = []*dns.Answer{{Rdata: []string{info.Value}}}
 		_, err = d.client.Records.Create(record)
 		if err != nil {
-			return fmt.Errorf("ns1: failed to create record [zone: %q, fqdn: %q]: %w", zone.Zone, fqdn, err)
+			return fmt.Errorf("ns1: failed to create record [zone: %q, fqdn: %q]: %w", zone.Zone, info.EffectiveFQDN, err)
 		}
 		return nil
@ -114,13 +114,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	// Update the existing records
-	record.Answers = append(record.Answers, &dns.Answer{Rdata: []string{value}})
+	record.Answers = append(record.Answers, &dns.Answer{Rdata: []string{info.Value}})
-	log.Infof("Update an existing record for [zone: %s, fqdn: %s, domain: %s]", zone.Zone, fqdn, domain)
+	log.Infof("Update an existing record for [zone: %s, fqdn: %s, domain: %s]", zone.Zone, info.EffectiveFQDN, domain)
 	_, err = d.client.Records.Update(record)
 	if err != nil {
-		return fmt.Errorf("ns1: failed to update record [zone: %q, fqdn: %q]: %w", zone.Zone, fqdn, err)
+		return fmt.Errorf("ns1: failed to update record [zone: %q, fqdn: %q]: %w", zone.Zone, info.EffectiveFQDN, err)
 	}
 	return nil
@ -128,14 +128,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("ns1: %w", err)
 	}
-	name := dns01.UnFqdn(fqdn)
+	name := dns01.UnFqdn(info.EffectiveFQDN)
 	_, err = d.client.Records.Delete(zone.Zone, name, "TXT")
 	if err != nil {
 		return fmt.Errorf("ns1: failed to delete record [zone: %q, domain: %q]: %w", zone.Zone, name, err)
--- a/providers/dns/oraclecloud/oraclecloud.go
+++ b/providers/dns/oraclecloud/oraclecloud.go
@ -103,17 +103,17 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneNameOrID, err1 := dns01.FindZoneByFqdn(fqdn)
+	zoneNameOrID, err1 := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err1 != nil {
-		return fmt.Errorf("oraclecloud: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err1)
+		return fmt.Errorf("oraclecloud: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err1)
 	}
 	// generate request to dns.PatchDomainRecordsRequest
 	recordOperation := dns.RecordOperation{
-		Domain:      common.String(dns01.UnFqdn(fqdn)),
+		Domain:      common.String(dns01.UnFqdn(info.EffectiveFQDN)),
-		Rdata:       common.String(value),
+		Rdata:       common.String(info.Value),
 		Rtype:       common.String("TXT"),
 		Ttl:         common.Int(d.config.TTL),
 		IsProtected: common.Bool(false),
@ -122,7 +122,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	request := dns.PatchDomainRecordsRequest{
 		CompartmentId: common.String(d.config.CompartmentID),
 		ZoneNameOrId:  common.String(zoneNameOrID),
-		Domain:        common.String(dns01.UnFqdn(fqdn)),
+		Domain:        common.String(dns01.UnFqdn(info.EffectiveFQDN)),
 		PatchDomainRecordsDetails: dns.PatchDomainRecordsDetails{
 			Items: []dns.RecordOperation{recordOperation},
 		},
@ -138,17 +138,17 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneNameOrID, err1 := dns01.FindZoneByFqdn(fqdn)
+	zoneNameOrID, err1 := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err1 != nil {
-		return fmt.Errorf("oraclecloud: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err1)
+		return fmt.Errorf("oraclecloud: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err1)
 	}
 	// search to TXT record's hash to delete
 	getRequest := dns.GetDomainRecordsRequest{
 		ZoneNameOrId:  common.String(zoneNameOrID),
-		Domain:        common.String(dns01.UnFqdn(fqdn)),
+		Domain:        common.String(dns01.UnFqdn(info.EffectiveFQDN)),
 		CompartmentId: common.String(d.config.CompartmentID),
 		Rtype:         common.String("TXT"),
 	}
@ -166,7 +166,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	var deleteHash *string
 	for _, record := range domainRecords.RecordCollection.Items {
-		if record.Rdata != nil && *record.Rdata == `"`+value+`"` {
+		if record.Rdata != nil && *record.Rdata == `"`+info.Value+`"` {
 			deleteHash = record.RecordHash
 			break
 		}
@ -183,7 +183,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	patchRequest := dns.PatchDomainRecordsRequest{
 		ZoneNameOrId: common.String(zoneNameOrID),
-		Domain:       common.String(dns01.UnFqdn(fqdn)),
+		Domain:       common.String(dns01.UnFqdn(info.EffectiveFQDN)),
 		PatchDomainRecordsDetails: dns.PatchDomainRecordsDetails{
 			Items: []dns.RecordOperation{recordOperation},
 		},
--- a/providers/dns/otc/otc.go
+++ b/providers/dns/otc/otc.go
@ -122,9 +122,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("otc: %w", err)
 	}
@ -142,11 +142,11 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	resource := fmt.Sprintf("zones/%s/recordsets", zoneID)
 	r1 := &recordset{
-		Name:        fqdn,
+		Name:        info.EffectiveFQDN,
 		Description: "Added TXT record for ACME dns-01 challenge using lego client",
 		Type:        "TXT",
 		TTL:         d.config.TTL,
-		Records:     []string{fmt.Sprintf("%q", value)},
+		Records:     []string{fmt.Sprintf("%q", info.Value)},
 	}
 	_, err = d.sendRequest(http.MethodPost, resource, r1)
@ -158,9 +158,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("otc: %w", err)
 	}
@ -175,9 +175,9 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 		return fmt.Errorf("otc: %w", err)
 	}
-	recordID, err := d.getRecordSetID(zoneID, fqdn)
+	recordID, err := d.getRecordSetID(zoneID, info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("otc: unable go get record %s for zone %s: %w", fqdn, domain, err)
+		return fmt.Errorf("otc: unable go get record %s for zone %s: %w", info.EffectiveFQDN, domain, err)
 	}
 	err = d.deleteRecordSet(zoneID, recordID)
--- a/providers/dns/ovh/ovh.go
+++ b/providers/dns/ovh/ovh.go
@ -122,23 +122,23 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// Parse domain name
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("ovh: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("ovh: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
 	authZone = dns01.UnFqdn(authZone)
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("ovh: %w", err)
 	}
 	reqURL := fmt.Sprintf("/domain/zone/%s/record", authZone)
-	reqData := Record{FieldType: "TXT", SubDomain: subDomain, Target: value, TTL: d.config.TTL}
+	reqData := Record{FieldType: "TXT", SubDomain: subDomain, Target: info.Value, TTL: d.config.TTL}
 	// Create TXT record
 	var respData Record
@ -163,19 +163,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// get the record's unique ID from when we created it
 	d.recordIDsMu.Lock()
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("ovh: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("ovh: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("ovh: could not determine zone for domain %q: %w", fqdn, err)
+		return fmt.Errorf("ovh: could not determine zone for domain %q: %w", info.EffectiveFQDN, err)
 	}
 	authZone = dns01.UnFqdn(authZone)
--- a/providers/dns/pdns/pdns.go
+++ b/providers/dns/pdns/pdns.go
@ -113,22 +113,22 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("pdns: %w", err)
 	}
-	name := fqdn
+	name := info.EffectiveFQDN
 	// pre-v1 API wants non-fqdn
 	if d.apiVersion == 0 {
-		name = dns01.UnFqdn(fqdn)
+		name = dns01.UnFqdn(info.EffectiveFQDN)
 	}
 	rec := Record{
-		Content:  "\"" + value + "\"",
+		Content:  "\"" + info.Value + "\"",
 		Disabled: false,
 		// pre-v1 API
@ -138,7 +138,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	// Look for existing records.
-	existingRrSet, err := d.findTxtRecord(fqdn)
+	existingRrSet, err := d.findTxtRecord(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("pdns: %w", err)
 	}
@ -178,19 +178,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := d.getHostedZone(fqdn)
+	zone, err := d.getHostedZone(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("pdns: %w", err)
 	}
-	set, err := d.findTxtRecord(fqdn)
+	set, err := d.findTxtRecord(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("pdns: %w", err)
 	}
 	if set == nil {
-		return fmt.Errorf("pdns: no existing record found for %s", fqdn)
+		return fmt.Errorf("pdns: no existing record found for %s", info.EffectiveFQDN)
 	}
 	rrsets := rrSets{
--- a/providers/dns/plesk/plesk.go
+++ b/providers/dns/plesk/plesk.go
@ -118,11 +118,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("plesk: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("plesk: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
 	siteID, err := d.client.GetSite(dns01.UnFqdn(authZone))
@ -130,12 +130,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 		return fmt.Errorf("plesk: failed to get site: %w", err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("nodion: %w", err)
 	}
-	recordID, err := d.client.AddRecord(siteID, subDomain, value)
+	recordID, err := d.client.AddRecord(siteID, subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("plesk: failed to add record: %w", err)
 	}
@ -149,13 +149,13 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	d.recordIDsMu.Lock()
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("plesk: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("plesk: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
 	_, err := d.client.DeleteRecord(recordID)
--- a/providers/dns/porkbun/porkbun.go
+++ b/providers/dns/porkbun/porkbun.go
@ -112,9 +112,9 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneName, hostName, err := splitDomain(fqdn)
+	zoneName, hostName, err := splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("porkbun: %w", err)
 	}
@ -122,7 +122,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	record := porkbun.Record{
 		Name:    hostName,
 		Type:    "TXT",
-		Content: value,
+		Content: info.Value,
 		TTL:     strconv.Itoa(d.config.TTL),
 	}
@ -142,17 +142,17 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	// gets the record's unique ID from when we created it
 	d.recordIDsMu.Lock()
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("porkbun: unknown record ID for '%s' '%s'", fqdn, token)
+		return fmt.Errorf("porkbun: unknown record ID for '%s' '%s'", info.EffectiveFQDN, token)
 	}
-	zoneName, _, err := splitDomain(fqdn)
+	zoneName, _, err := splitDomain(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("porkbun: %w", err)
 	}
--- a/providers/dns/rackspace/rackspace.go
+++ b/providers/dns/rackspace/rackspace.go
@ -114,18 +114,18 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+	zoneID, err := d.getHostedZoneID(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("rackspace: %w", err)
 	}
 	rec := Records{
 		Record: []Record{{
-			Name: dns01.UnFqdn(fqdn),
+			Name: dns01.UnFqdn(info.EffectiveFQDN),
 			Type: "TXT",
-			Data: value,
+			Data: info.Value,
 			TTL:  d.config.TTL,
 		}},
 	}
@ -144,14 +144,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zoneID, err := d.getHostedZoneID(fqdn)
+	zoneID, err := d.getHostedZoneID(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("rackspace: %w", err)
 	}
-	record, err := d.findTxtRecord(fqdn, zoneID)
+	record, err := d.findTxtRecord(info.EffectiveFQDN, zoneID)
 	if err != nil {
 		return fmt.Errorf("rackspace: %w", err)
 	}
--- a/providers/dns/regru/regru.go
+++ b/providers/dns/regru/regru.go
@ -97,19 +97,19 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("regru: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("regru: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("regru: %w", err)
 	}
-	err = d.client.AddTXTRecord(dns01.UnFqdn(authZone), subDomain, value)
+	err = d.client.AddTXTRecord(dns01.UnFqdn(authZone), subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("regru: failed to create TXT records [domain: %s, sub domain: %s]: %w",
 			dns01.UnFqdn(authZone), subDomain, err)
@ -120,19 +120,19 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
-		return fmt.Errorf("regru: could not find zone for domain %q and fqdn %q : %w", domain, fqdn, err)
+		return fmt.Errorf("regru: could not find zone for domain %q and fqdn %q : %w", domain, info.EffectiveFQDN, err)
 	}
-	subDomain, err := dns01.ExtractSubDomain(fqdn, authZone)
+	subDomain, err := dns01.ExtractSubDomain(info.EffectiveFQDN, authZone)
 	if err != nil {
 		return fmt.Errorf("regru: %w", err)
 	}
-	err = d.client.RemoveTxtRecord(dns01.UnFqdn(authZone), subDomain, value)
+	err = d.client.RemoveTxtRecord(dns01.UnFqdn(authZone), subDomain, info.Value)
 	if err != nil {
 		return fmt.Errorf("regru: failed to remove TXT records [domain: %s, sub domain: %s]: %w",
 			dns01.UnFqdn(authZone), subDomain, err)
--- a/providers/dns/rfc2136/rfc2136.go
+++ b/providers/dns/rfc2136/rfc2136.go
@ -127,9 +127,9 @@ func (d *DNSProvider) Sequential() time.Duration {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.changeRecord("INSERT", fqdn, value, d.config.TTL)
+	err := d.changeRecord("INSERT", info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("rfc2136: failed to insert: %w", err)
 	}
@ -138,9 +138,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.changeRecord("REMOVE", fqdn, value, d.config.TTL)
+	err := d.changeRecord("REMOVE", info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("rfc2136: failed to remove: %w", err)
 	}
--- a/providers/dns/rimuhosting/rimuhosting.go
+++ b/providers/dns/rimuhosting/rimuhosting.go
@ -94,15 +94,15 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	records, err := d.client.FindTXTRecords(dns01.UnFqdn(fqdn))
+	records, err := d.client.FindTXTRecords(dns01.UnFqdn(info.EffectiveFQDN))
 	if err != nil {
 		return fmt.Errorf("rimuhosting: failed to find record(s) for %s: %w", domain, err)
 	}
 	actions := []rimuhosting.ActionParameter{
-		rimuhosting.AddRecord(dns01.UnFqdn(fqdn), value, d.config.TTL),
+		rimuhosting.AddRecord(dns01.UnFqdn(info.EffectiveFQDN), info.Value, d.config.TTL),
 	}
 	for _, record := range records {
@ -119,9 +119,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	action := rimuhosting.DeleteRecord(dns01.UnFqdn(fqdn), value)
+	action := rimuhosting.DeleteRecord(dns01.UnFqdn(info.EffectiveFQDN), info.Value)
 	_, err := d.client.DoActions(action)
 	if err != nil {
--- a/providers/dns/route53/route53.go
+++ b/providers/dns/route53/route53.go
@ -139,19 +139,19 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record using the specified parameters.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	hostedZoneID, err := d.getHostedZoneID(fqdn)
+	hostedZoneID, err := d.getHostedZoneID(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("route53: failed to determine hosted zone ID: %w", err)
 	}
-	records, err := d.getExistingRecordSets(hostedZoneID, fqdn)
+	records, err := d.getExistingRecordSets(hostedZoneID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("route53: %w", err)
 	}
-	realValue := `"` + value + `"`
+	realValue := `"` + info.Value + `"`
 	var found bool
 	for _, record := range records {
@ -165,7 +165,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 	}
 	recordSet := &route53.ResourceRecordSet{
-		Name:            aws.String(fqdn),
+		Name:            aws.String(info.EffectiveFQDN),
 		Type:            aws.String("TXT"),
 		TTL:             aws.Int64(int64(d.config.TTL)),
 		ResourceRecords: records,
@ -180,14 +180,14 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	hostedZoneID, err := d.getHostedZoneID(fqdn)
+	hostedZoneID, err := d.getHostedZoneID(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("failed to determine Route 53 hosted zone ID: %w", err)
 	}
-	records, err := d.getExistingRecordSets(hostedZoneID, fqdn)
+	records, err := d.getExistingRecordSets(hostedZoneID, info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("route53: %w", err)
 	}
@ -197,7 +197,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	}
 	recordSet := &route53.ResourceRecordSet{
-		Name:            aws.String(fqdn),
+		Name:            aws.String(info.EffectiveFQDN),
 		Type:            aws.String("TXT"),
 		TTL:             aws.Int64(int64(d.config.TTL)),
 		ResourceRecords: records,
--- a/providers/dns/safedns/safedns.go
+++ b/providers/dns/safedns/safedns.go
@ -100,17 +100,17 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	zone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(fqdn))
+	zone, err := dns01.FindZoneByFqdn(dns01.ToFqdn(info.EffectiveFQDN))
 	if err != nil {
-		return fmt.Errorf("safedns: could not determine zone for domain: %q: %w", fqdn, err)
+		return fmt.Errorf("safedns: could not determine zone for domain: %q: %w", info.EffectiveFQDN, err)
 	}
 	record := internal.Record{
-		Name:    dns01.UnFqdn(fqdn),
+		Name:    dns01.UnFqdn(info.EffectiveFQDN),
 		Type:    "TXT",
-		Content: fmt.Sprintf("%q", value),
+		Content: fmt.Sprintf("%q", info.Value),
 		TTL:     d.config.TTL,
 	}
@ -128,9 +128,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record previously created.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, _ := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	authZone, err := dns01.FindZoneByFqdn(fqdn)
+	authZone, err := dns01.FindZoneByFqdn(info.EffectiveFQDN)
 	if err != nil {
 		return fmt.Errorf("safedns: %w", err)
 	}
@ -139,7 +139,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
 	recordID, ok := d.recordIDs[token]
 	d.recordIDsMu.Unlock()
 	if !ok {
-		return fmt.Errorf("safedns: unknown record ID for '%s'", fqdn)
+		return fmt.Errorf("safedns: unknown record ID for '%s'", info.EffectiveFQDN)
 	}
 	err = d.client.RemoveRecord(authZone, recordID)
--- a/providers/dns/sakuracloud/sakuracloud.go
+++ b/providers/dns/sakuracloud/sakuracloud.go
@ -107,9 +107,9 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
 // Present creates a TXT record to fulfill the dns-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.addTXTRecord(fqdn, value, d.config.TTL)
+	err := d.addTXTRecord(info.EffectiveFQDN, info.Value, d.config.TTL)
 	if err != nil {
 		return fmt.Errorf("sakuracloud: %w", err)
 	}
@ -119,9 +119,9 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes the TXT record matching the specified parameters.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
-	err := d.cleanupTXTRecord(fqdn, value)
+	err := d.cleanupTXTRecord(info.EffectiveFQDN, info.Value)
 	if err != nil {
 		return fmt.Errorf("sakuracloud: %w", err)
 	}
--- a/providers/dns/scaleway/scaleway.go
+++ b/providers/dns/scaleway/scaleway.go
@ -111,11 +111,11 @@ func (d *DNSProvider) Timeout() (timeout, interval time.Duration) {
 // Present creates a TXT record to fulfill DNS-01 challenge.
 func (d *DNSProvider) Present(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	records := []*scwdomain.Record{{
-		Data:    fmt.Sprintf(`%q`, value),
+		Data:    fmt.Sprintf(`%q`, info.Value),
-		Name:    fqdn,
+		Name:    info.EffectiveFQDN,
 		TTL:     uint32(d.config.TTL),
 		Type:    scwdomain.RecordTypeTXT,
 		Comment: scw.StringPtr("used by lego"),
@ -140,12 +140,12 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
 // CleanUp removes a TXT record used for DNS-01 challenge.
 func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
-	fqdn, value := dns01.GetRecord(domain, keyAuth)
+	info := dns01.GetChallengeInfo(domain, keyAuth)
 	recordIdentifier := &scwdomain.RecordIdentifier{
-		Name: fqdn,
+		Name: info.EffectiveFQDN,
 		Type: scwdomain.RecordTypeTXT,
-		Data: scw.StringPtr(fmt.Sprintf(`%q`, value)),
+		Data: scw.StringPtr(fmt.Sprintf(`%q`, info.Value)),
 	}
 	// TODO(ldez) replace domain by FQDN to follow CNAME.
--- a/Show more
+++ b/Show more