Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:blubeez.ca
I ran this command:Add TXT record with the name/host _acme-challenge.www.blubeez.ca with the value 8KtyNzk1DnFoIaRo7KPuxsY2oP4k3DkAiJENPtiMvMs
It produced this output: No TXT Record Found. Set the TTL to 1 second or if you cannot set the TTL then you must wait the TTL (in seconds) so it updates before verifying the domain.
You mention “second” in the title, but your post doesn’t resemble such a thing. Did you by chance also request a certificate for blubeez.ca (i.e., without www.)?
Yes, I did. Here is the instructions:
Upload Verification Files
Go into the DNS management page that your domains use (This link may help with setting up your TXT records [ignoring Google specific parts]).
Add the following TXT records below to the DNS server for each domain (In the Time to Live (TTL) field, enter 1):
Add TXT record with the name/host _acme-challenge.blubeez.ca with the value MtjPB8-mbyi5tpqeiZUciCPRJbe9d9Yel2M9XJDOs50
Add TXT record with the name/host _acme-challenge.www.blubeez.ca with the value 8KtyNzk1DnFoIaRo7KPuxsY2oP4k3DkAiJENPtiMvMs
Verify TXT records have been propagated by going to the following links. The corresponding values above should show up within the record:
Verify _acme-challenge.blubeez.ca
Verify _acme-challenge.www.blubeez.ca
You may have to wait a minute to a couple minutes for the DNS TXT record to propagate if the TTL record value does not show up or is not the same as the above values. If you get an error during verification that says “JWS has invalid anti-replay nonce” then just refresh the page (resending post data if prompted) until it works.
Click Download SSL Certificate below.
I can verify the first TXT record but the second one doesn’t work.
The www.blubeez.ca. zone is delegated to one Amazon Route 53 DNS server. (You should specify all 4, though.) So you have to create the _acme-challenge.www.blubeez.ca. record at Amazon.
Edit: Or, more to the point, don’t delegate that zone if you don’t need to.