I have the same issue, only I do not understand what redirection they are talking about.

I do not see any acme kind of DNS entry in parent and child DNS zone files.
I thought LE worked even without the need to adjust the Cloudflare DNS zone.
If it is required though, then please let me know where to discover the right values for the DNS record?

The error message given to me contains only the following line, which contains long strings:

[INFO] retry due to: acme: error: 400 :: POST :: https://acme-v02.api.letsencrypt.org/acme/authz-v3/SOMESTRINGREMOVEDFORPRIVACY1 :: urn:ietf:params:acme:error:badNonce :: JWS has an invalid anti-replay nonce: "SOMESTRINGREMOVEDFORPRIVACY2"

Thank You

How is your _acme-challenge DNS record configured?

Is it a CNAME? If so, does it end with a dot?

This is your client messing up and I do not think a redirection can solve this.

You need to tell us more. Right now you haven't even told us what OS is running on your server.


DirectAdmin Linux Red Hat CloudLinux, I am not admin. /.well-known/acme-challenge/ was deleted and I re-created it again with 755 permission. Missing any file. I have asked what the DNS record should look like if it is needed.

It's only needed during a dns-01 validation. Your ACME client will tell you what it should look like.

You should avoid using dns-01 validation if you don't need a wildcard.

