DNS-01 Manual validation is not working for me

I'm trying to use the DNS-01 manual validation method. I received a key and I can enter a TXT record at my domain registrar like this: `_acme-challenge.[my site]`. mxtoolbox.com TXT Lookup spits it out just fine. Certify The Web shows pending and I see "Waiting for User Action". Then basically it says "To complete this action click on 'Request Certificate'". Doing that will generate a new key. Is there some way to retry then generating a new key?

Paging @webprofusion for CTW help. CTW also has their own dedicated forum you might get quicker help from.

3 Likes

Yeah I'd need to see the log, my guesses would be:

  • If you don't wait long enough for all your nameservers to have the same reply then LE will inevitably check and get the wrong value, so you generally need to wait 1-5 min after updating the TXT record before resuming your order.
  • You waited long enough for the order to become invalid (Let's Encrypt only holds onto the order information for a little while). I don't know how long LE keeps an order valid for, but it's shorter nowadays.
  • Maybe you are trying to get a wildcard and primary domain, e.g. a cert covering both *.domain.com and domain.com, and the value being shown is for the next identifier that needs to be validated [or your order simply failed validation and this is a whole new order, in which case the log will show the error from LE]
2 Likes
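
The nameserver-agreement check described in the reply above, as an added example that is not part of the thread or of Certify The Web: it asks each authoritative nameserver directly and only reports ready when every one returns every expected challenge value. It accepts several expected values because the `*.domain.com` and `domain.com` challenges are both published at the same `_acme-challenge.domain.com` name. The function names, nameserver names and token strings are assumptions made up for illustration, and the live query path assumes `dig` is installed.

```python
import shlex
import subprocess

def parse_dig_txt(output):
    """Turn `dig +short TXT` output into a set of TXT strings."""
    values = set()
    for line in output.splitlines():
        line = line.strip()
        if line and not line.startswith(";"):
            # One record may be split into several quoted chunks; join them.
            values.add("".join(shlex.split(line)))
    return values

def query_txt(name, nameserver):
    """Ask one nameserver directly so resolver caches are bypassed."""
    result = subprocess.run(
        ["dig", "+short", "+norecurse", "TXT", name, "@" + nameserver],
        capture_output=True, text=True, timeout=10, check=False)
    return parse_dig_txt(result.stdout)

def propagation_status(name, expected, nameservers, query=query_txt):
    """Map each nameserver to 'ok', 'partial' or 'missing'."""
    expected = set(expected)
    status = {}
    for ns in nameservers:
        found = query(name, ns) & expected
        if found == expected:
            status[ns] = "ok"
        else:
            status[ns] = "partial" if found else "missing"
    return status

def safe_to_resume(status):
    """True only when every nameserver already serves every value."""
    return bool(status) and all(s == "ok" for s in status.values())

# Constructed sample answers (not real tokens): ns2 has not caught up yet.
SAMPLE = {
    "ns1.example.net": '"tokenA-constructed"\n"tokenB-constructed"\n',
    "ns2.example.net": '"tokenA-constructed"\n',
}

def sample_query(name, nameserver):
    return parse_dig_txt(SAMPLE[nameserver])

if __name__ == "__main__":
    st = propagation_status("_acme-challenge.example.com",
                            {"tokenA-constructed", "tokenB-constructed"},
                            SAMPLE, sample_query)
    print(st, "resume:", safe_to_resume(st))
```

To run it against a real zone, drop the `query=` argument and pass the zone's own authoritative nameservers.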