Acme.sh change from dns_acmedns to manual. Impossible?

Help
1

Hello all,
Up to few weeks ago I was using acme.sh with acmedns plugin to renew my wildcard certificate, but I have changed registar and the new one does not allow me to create a NS record.
I was using a subdomain to allow using acmedns by starting it only when renewing ( thus avoiding to care for security problem for DNS on my machine ).

I was trying to "change" from acmedns plugin to manual at least until I can find a ( secure ) way to have my own dns but it does not seem to work:

acme.sh  --dns manual --renew --server 'letsencrypt' -d *.yyyyy.it --dnssleep 300  --yes-I-know-dns-manual-mode-enough-go-ahead-please
[Mon Oct 27 22:35:55 CET 2025] Renewing: '*.yyyyy.it'
[Mon Oct 27 22:35:55 CET 2025] Renewing using Le_API=https://acme-v02.api.letsencrypt.org/directory
[Mon Oct 27 22:35:57 CET 2025] Using CA: https://acme-v02.api.letsencrypt.org/directory
[Mon Oct 27 22:35:57 CET 2025] Single domain='*.yyyyy.it'
[Mon Oct 27 22:36:01 CET 2025] Getting webroot for domain='*.yyyyy.it'
[Mon Oct 27 22:36:02 CET 2025] Adding TXT value: go4uI9hSFIScP9LbTFPxeFMEvUdyesdNpuCkgNkgdEU for domain: _acme-challenge.yyyyy.it
[Mon Oct 27 22:36:02 CET 2025] Using acme-dns
[Mon Oct 27 22:36:02 CET 2025] Please refer to https://curl.haxx.se/libcurl/c/libcurl-errors.html for error code: 7
[Mon Oct 27 22:36:03 CET 2025] invalid response of acme-dns
[Mon Oct 27 22:36:03 CET 2025] Error adding TXT record to domain: _acme-challenge.yyyyy.it
[Mon Oct 27 22:36:03 CET 2025] Please add '--debug' or '--log' to see more information.
[Mon Oct 27 22:36:03 CET 2025] See: https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh

As you can see it alway try to use acmedns also if I have explicitly set the --dns manual flag and --yes-I-know-dns-manual-mode-enough-go-ahead-please
Is this an unsupported way of run this command ?
I have seen that in the .conf for yyyyy.it domain there is the

Le_Webroot='dns_acmedns'

but also removing it there is no better chance:

acme.sh  --dns manual --renew --server 'letsencrypt' -d *.yyyyy.it --dnssleep 300  --yes-I-know-dns-manual-mode-enough-go-ahead-please 
[Mon Oct 27 22:42:01 CET 2025] Renewing: '*.yyyyy.it'
[Mon Oct 27 22:42:01 CET 2025] Renewing using Le_API=https://acme-v02.api.letsencrypt.org/directory
Please specify at least one validation method: '--webroot', '--standalone', '--apache', '--nginx' or '--dns' etc.

Must I restart with a new issue ?

Thanks in advance.

Pigi_102

2

Yes, a --renew does what the previous --issue did to get a cert.

Do a new --issue to change the method

4 Likes
4

Hello, the --issue almost did the job.
I also had to remove the *.yyyyy.it directory as when asking the renew ( after the issue as instructed by the script ) acme.sh did not catch the _ecc dir but the old one.
By the way, thanks, it worked.

1 Like