Automated certificate update suddenly not working

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: *

I ran this command: Trying to validate newly created TXT record

It produced this output:
I get
Unable to complete the processing for * : Fail to load resource from ''.urn:ietf:params:acme:error:malformed: Unable to update challenge :: authorization must be pending

"type": "dns-01",
"status": "invalid",
"error": {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "No TXT record found at",
"status": 403

But there is a TXT record at, it's created by the same script and the TTL is 1 second.

My web server is (include version): Azure Function App

The operating system my web server runs on is (include version): Windows

My hosting provider, if applicable, is: Azure

I can login to a root shell on my machine (yes or no, or I don't know): No

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Unknown

This error means you are trying to confirm you have completed the TXT record challenge, but it has already failed. That's most likely a bug in the ACME software you are using, which tool are you using (or did you write it yourself using Certes)?

When using DNS validation, you need to wait long enough between updating your TXT record and asking the CA to check it, because you will have multiple nameservers for your domain that all need a few seconds (or even a minute) to sync with each other. Strategies include checking each nameserver is up to date, or simply waiting a set number of seconds before proceeding.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.