Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
I'm not using certbot, I am testing out an in-house Java application I'm building that uses https://github.com/shred/acme4j to communicate to Let's Encrypt's staging environment 'acme://letsencrypt.org/staging'. I have a question about the stability of the challenge for a domain. Our use case is pretty similar to certBot in that we request challenge types, then show the DNS challenge TXT name and value to our users and ask them to add the record to their DNS provider. They may take some time, several days possibly, to add their DNS TXT record and then come back to us to 'verify'. In this 'veriy' stage, we'll query DNS and make sure they added the expected TXT record with the correct value. Then we'll start a new Session with the ACME server, request Authorizations and choose DNS. We'll verify that the ACME server has sent the same DNS challenge information and then trigger the challenge.
My question is: How long does the user have to add the DNS TXT record and us trigger the challenge? In other words, how long can we count on the ACME server to return the exact same DNS challenge data for a domain?
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):