Challenge error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
Deleted the site folder in /root/ --issue -d -d * --dns --force --yes-I-know-dns-manual-mode-enough-go-ahead-please

Added the shown DNS record --renew -d -d * --dns --force --yes-I-know-dns-manual-mode-enough-go-ahead-please

It produced this output:
[root@serv1-www]# --renew -d -d --dns --force --yes-I-know-dns-manual-mode-enough-go-ahead-please
[Mon Apr 22 00:06:09 UTC 2019] Renew: ‘
[Mon Apr 22 00:06:10 UTC 2019] Multi domain=',DNS:’
[Mon Apr 22 00:06:10 UTC 2019] Getting domain auth token for each domain
[Mon Apr 22 00:06:10 UTC 2019] Verifying:
[Mon Apr 22 00:06:24 UTC 2019] error: {“type”:“urn:ietf:params:acme:error:malformed”,“detail”:“Unable to update challenge :: authorization must be pending”,“status”: 400}
[Mon Apr 22 00:06:24 UTC 2019] Please check log file for more details: /root/
[Mon Apr 22 00:06:31 UTC 2019] The dns manual mode can not renew automatically, you must issue it again manually. You’d better use the other modes instead.

My web server is (include version):
[root@serv1-www]# httpd -v
Server version: Apache/2.4.6 (CentOS)
Server built: Dec 15 2014 17:32:clock430:

The operating system my web server runs on is (include version):
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 2.6.32-042stab133.2

My hosting provider, if applicable, is:
Root Level Tech

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
VestaCP 0.9.8-24

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.33.1

Hi @inboxspecialists

you have created the wrong entries ( ):

TXT - Entries

Domainname TXT Entry Status ∑ Queries ∑ Timeout v=spf1 mx ip4: -all ok 1 0 spf2.0/pra,mfrom +mx +ip4: -all ok 1 0 _acme-challenge=IHe0FPXUsH3SQRGgAgbyLPYDosMDJd-Kt-B-9u9JxjI warning: _acme-challenge as TXTValue, not part of the domain name 1 0 _acme-challenge=WQH8cqgEbtt8u8OfEx9e6IHpsnkAXPYbkB0bg_Tc1f8 warning: _acme-challenge as TXTValue, not part of the domain name 1 0

The output should look like

Add _acme-challenge as name. As value only IHe0FPXUsH3SQRGgAgbyLPYDosMDJd-Kt-B-9u9JxjI.

Hmm that’s quite strange , i checked here and it shows correctly. But ill try updating it.

thx for link ‘’ ), very usefull)



And Thanks retour - I’ve added a lot of checks because of problems users reported in this forum.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.