My domain is:awslblog.com
I ran the command below:
acme.sh --issue --challenge-alias _acme.awsl.blog --dns dns_cf -d awslblog.com \
-d awsl.tech -d awsl.wtf -d ngksp.ga -d ngksp.gq -d ngksp.ml -d ngksp.tk -d nmsl8.cf -d nmsl8.ga -d nmsl8.gq -d nmsl8.ml -d nmsl8.tk -d thinking.gq -d thinkingnull.cf -d thinkingnull.ga -d thinkingnull.gq -d thinkingnull.ml -d thinkingnull.tk \
-d *.awslblog.com -d *.awsl.tech -d *.awsl.wtf -d *.ngksp.ga -d *.ngksp.gq -d *.ngksp.ml -d *.ngksp.tk -d *.nmsl8.cf -d *.nmsl8.ga -d *.nmsl8.gq -d *.nmsl8.ml -d *.nmsl8.tk -d *.thinking.gq -d *.thinkingnull.cf -d *.thinkingnull.ga -d *.thinkingnull.gq -d *.thinkingnull.ml -d *.thinkingnull.tk \
-d awneed.icu --dns dns_cf --challenge-alias awneed.icu \
-d plashspeed.tech --dns dns_cf --challenge-alias plashspeed.tech \
-d *.awneed.icu --dns dns_cf --challenge-alias awneed.icu \
-d *.plashspeed.tech --dns dns_cf --challenge-alias plashspeed.tech \
-d awsl.blog --dns dns_cf --challenge-alias awsl.blog \
-d *.awsl.blog --dns dns_cf --challenge-alias awsl.blog \
--test --dnssleep 100 --keylength ec-256
It produced this output https://paste.ubuntu.com/p/BMjVY3CN4V
[Sat Jan 2 20:38:45 CST 2021] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Sat Jan 2 20:38:46 CST 2021] _ret='0'
[Sat Jan 2 20:38:46 CST 2021] code='200'
[Sat Jan 2 20:38:46 CST 2021] *.awslblog.com:**Verify error:Incorrect TXT record**
[Sat Jan 2 20:38:46 CST 2021] Skip for removelevel:
[Sat Jan 2 20:38:46 CST 2021] pid
[Sat Jan 2 20:38:46 CST 2021] No need to restore nginx, skip.
[Sat Jan 2 20:38:46 CST 2021] _clearupdns
My web server is (include version):
nginx/1.19.6 I use dns challenge,so web server isn't important.
The operating system my web server runs on is (include version):
Linux version #35~18.04.1-Ubuntu SMP Thu Dec 10 09:22 UTC 2020, release 5.4.0, machine x86_64
I can login to a root shell on my machine (yes or no, or I don't know):yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):acme.sh/v2.8.8
I try to create wildcard certificates for 21*2 domains at a time,but it said Verify error:Incorrect TXT record after I waiting 300 seconds. I use cloudflare , all the free domains are CNAME to _acme-challenge.awsl.blog
,and other domains can be direct controlled via cloudflare api.
I have tried to remove some domains,and it works correctly , but when I add all 42 domains in cert, it failed.I watched cloudflare dashboard while waiting for dnssleep , obviously some of TXT records were added correctly(But I'm not sure if everything is correct),What's wrong? I don't want to reduce the number of domain names in the certificate.