Replies: 4 comments 1 reply
-
Need to do it for the whole domain. You added the dns record for the root domain and but are trying to verify the subdomain. Need to verify the whole domain |
Beta Was this translation helpful? Give feedback.
-
Tried it for the whole domain before, same error:
dnsssec is working |
Beta Was this translation helpful? Give feedback.
-
Verify it with dig before proceeding. It's either not done at your dns server or not updating in time |
Beta Was this translation helpful? Give feedback.
-
Tried it several times since yesterday. TTL is set to 1 minute. Dig from 3 different servers showing the correct values and also all online tools I've tried. Longest time I've tried to wait was 5 hours. Still not working |
Beta Was this translation helpful? Give feedback.
-
Server Info (please complete the following information):
Installation Method:
Describe the bug
trying to renew ssl cert:
_sudo certbot certonly --manual -d rmm.muehlbauer.top --agree-tos --no-bootstrap --preferred-challenges dns
[sudo] password for tactical:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for rmm.muehlbauer.top
Please deploy a DNS TXT record under the name:
_acme-challenge.rmm.muehlbauer.top.
with the following value:
9kQmN92nmQ_WAGfrKseneVF9xXPGWXivHkuZ662I-BM
Before continuing, verify the TXT record has been deployed. Depending on the DNS
provider, this may take some time, from a few seconds to multiple minutes. You can
check if it has finished deploying with aid of online tools, such as the Google
Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.rmm.muehlbauer.top.
Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
value(s) you've just added.
Press Enter to Continue
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: rmm.muehlbauer.top
Type: dns
Detail: DNS problem: looking up TXT for _acme-challenge.rmm.muehlbauer.top: DNSSEC: DNSKEY Missing
Hint: The Certificate Authority failed to verify the manually created DNS TXT records. Ensure that you created these in the correct location, or try waiting longer for DNS propagation on the next attempt.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details._
_nslookup -type=TXT _acme-challenge.muehlbauer.top
Server: 46.XXX.XXX.XXX
Address: 46.XXX.XXX.XXX#53
Non-authoritative answer:
acme-challenge.muehlbauer.top text = "9kQmN92nmQ_WAGfrKseneVF9xXPGWXivHkuZ662I-BM"
Expected behavior
succesfully renewing the lets encrypt ssl cert
Screenshots
Beta Was this translation helpful? Give feedback.
All reactions