I'm running WIN-ACME (.exe) on a Windows 10 client. This year I was succesful to generate a wildcard certificate twice. That's why I know my procedure should work, basically...
In the ACME client I choose the option "[dns-01] Create verification records manually (auto-renew not possible)". I've full access to our DNS editor and I'm sure that my TXT record is correct.
But authorization is going to fail every time. Does anybody has an idea why and what I could try for troubleshooting?
Is it a problem when the A-Record for the Domain "pol.swiss" is pointing to another IPv4 address then the DNS is running?
My domain is:
pol.swiss
I ran this command:
manual DNS Record verification in WIN-ACME
It produced this output:
Preliminary validation succeeded
Answer should now be available at _acme-challenge.pol.swiss
Preliminary validation succeeded
Error authorizing PKISharp.WACS.DomainObjects.TargetPart
(AcmeProtocolException): JWS has an invalid anti-replay nonce: "******"
My web server is (include version):
no web server running *
The operating system my web server runs on is (include version):
the ACME Client is running on Windows 10 *
My hosting provider, if applicable, is:
Cyon.ch
I can login to a root shell on my machine (yes or no, or I don't know):
No
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Yes, as far as I know it is CPanel in background
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
WIN-ACME 2.1.8.838
a simple Windows ACMEv2 Client (WACS)
' * I'm running WIN-ACME (.exe) on a Windows 10 Client to get PEM files to copy to all of our webservers. I don't want ro run the ACME Client directly on a webserver.