Detail: No TXT record found

I'm trying to renew a wildcard certificate using Certbot on Ubuntu 16.04 and Apache. I'm doing it with this command:

./certbot-auto certonly --manual --preferred-challenges=dns --agree-tos -d *.example.test.mx

I create the TXT in the DNS configuration (my provider is GoDaddy) with TTL = 600 seconds.

Before continuing, verify the record is deployed.
Press Enter to Continue

And then I got this:
Type: unauthorized
Detail: No TXT record found at _acme-challenge.example.test.mx

I think it is because it takes a while for GoDaddy to make the TXT available or something. So I tried again and changed to the new TXT, but before pressing Enter I waited a few minutes to see if the TXT was available, and now I get:

ReadTimeout: HTTPSConnectionPool(host='acme-v02.api.letsencrypt.org', port=443): Read timed out. (read timeout=45)

There are many possible causes for this problem, but one possibility is running into the maintenance outage earlier today

https://letsencrypt.status.io/pages/history/55957a99e800baa4470002da

or some lingering consequence of it. So it may be worthwhile to simply try again.

My domain is: *.app.renttal.mx
I ran this command: ./certbot-auto certonly --manual --preferred-challenges=dns --agree-tos -d *.app.renttal.mx
It produced this output:
Type: unauthorized
Detail: No TXT record found at _acme-challenge.app.renttal.mx

My web server is (include version): ubuntu 16.04
My hosting provider, if applicable, is: the server is on azure but the dns is on godaddy
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.28.0

I would like to say that I also have an SSL for the domain renttal.mx, with which I don't have any problem.

Perhaps you did not create the subdomain properly to place the text file into.
Do you have a screenshot of the TXT file and location?

I don't see a txt record at:
nslookup -q=txt _acme-challenge.app.renttal.mx

But I do see a txt record at:
nslookup -q=txt _acme-challenge.renttal.mx
"Jj_4EQzaNun0KrUNOxO3Vei_mrvMSYdTfMXiMLh8AP8"

The requested wildcard validation is for any name* that ends with ".app.renttal.mx".
The txt file must be placed into that same exact folder.

[any name* implies the name is a valid FQDN and does not contain any additional "."]

Hi @isaac2093

there is a check of your domain - https://check-your-website.server-daten.de/?q=app.renttal.mx#txt

There you see the problem.

You have created a subdomain _acme-challenge.app.renttal.mx, but the menu you use adds renttal.mx, so the name is wrong, the domain name is duplicated.

Create an entry with

_acme-challenge.app

then it should work.

Compare it with my own wildcard

2 Likes

I just noticed what you said to me.
The situation is that in my provider (GoDaddy) I have already created the TXT with _acme-challenge, as you can see in the next image. But when reviewing the record on the page that shows the TXT entries, it still appears as _acme-challenge.app.renttal.mx.renttal.mx

Well I have both:
_acme-challenge
_acme-challenge.app.renttal.mx

Mhm. Reading your last check - https://check-your-website.server-daten.de/?q=app.renttal.mx

The www site says, the domain isn’t registered.

Perhaps add an A entry

app.renttal.mx -> ip address of your renttal.mx

And test, what happens, if you delete the wrong entry

_acme-challenge.app.renttal.mx.

I solved it.
I noticed that the TXT that I was creating was: _acme-challenge, and you told me that it needed to be: _acme-challenge.app
So I created it again like that and it works.
Thanks man! =)

2 Likes

Upps, not seen. Yep, now it's good - https://check-your-website.server-daten.de/?q=app.renttal.mx#txt

Happy to read it had worked :+1:

2 Likes
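The naming rule this thread converged on, as an added example that is not part of any post above and is not Certbot's code: it maps a certificate name to the TXT name the CA queries and to the host label a DNS editor expects when it appends the zone itself, then checks the three entries tried in the thread. The function names are hypothetical, and the appending behaviour is assumed from the replies above.

```python
# Added example (not from the thread). Assumes the DNS editor appends the
# zone name to whatever is typed in the Host field, as described above.

def challenge_fqdn(cert_name: str) -> str:
    """DNS-01 validation name: drop a leading '*.' and prefix _acme-challenge."""
    name = cert_name.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return "_acme-challenge." + name


def host_label(cert_name: str, zone: str) -> str:
    """Value to type in the Host field when the editor appends the zone."""
    fqdn = challenge_fqdn(cert_name)
    zone = zone.lower().rstrip(".")
    if not fqdn.endswith("." + zone):
        raise ValueError(f"{fqdn} is not inside zone {zone}")
    return fqdn[: -len(zone) - 1]


def published_name(host_field: str, zone: str) -> str:
    """FQDN that actually gets published for a given Host field entry."""
    zone = zone.lower().rstrip(".")
    host = host_field.lower().rstrip(".")
    return zone if host in ("", "@") else f"{host}.{zone}"


def diagnose(host_field: str, cert_name: str, zone: str) -> str:
    """Compare what an entry publishes with the name the CA will query."""
    zone = zone.lower().rstrip(".")
    want = challenge_fqdn(cert_name)
    got = published_name(host_field, zone)
    if got == want:
        return f"ok: TXT is at {got}"
    if host_field.lower().rstrip(".").endswith("." + zone):
        return f"zone duplicated: TXT is at {got}, CA queries {want}"
    return f"wrong name: TXT is at {got}, CA queries {want}"


if __name__ == "__main__":
    # The three Host field entries that appear in the thread.
    for entry in ("_acme-challenge.app.renttal.mx", "_acme-challenge",
                  "_acme-challenge.app"):
        print(f"{entry!r:35} -> {diagnose(entry, '*.app.renttal.mx', 'renttal.mx')}")
```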
