DNS Challenge Error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: noct.is

I ran this command:
DNS Challenge Validation

It produced this output:
Challenge failed (response: {"type":"dns-01","status":"invalid","error":{"type":"urn:ietf:params:acme:error:unauthorized","detail":"Incorrect TXT record "WDm0PMs2r40XskDTK5l9pqlhs5so-J_ORZOa4bJVXxI" found at _acme-challenge.noct.is","status":403},"url":"https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/7584330634/nxzkYw","token":"WDm0PMs2r40XskDTK5l9pqlhs5so-J_ORZOa4bJVXxI","validated":"2023-08-03T20:57:22Z"}).

My web server is (include version):
Apache
The operating system my web server runs on is (include version):
Ubuntu 20
My hosting provider, if applicable, is:
AWS EC2
I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Using ACME PHP.

I get the response that the challenge failed but the token and the record in the error appear to be the same. What am I doing wrong?

What kind of client is "ACME PHP" ?

Are you writing your own? Because people sometimes make the mistake described here

Hi @Hybrid, and welcome to the LE community forum :slight_smile:
And thanks for using the staging environment for your testing!

The token in the TXT RR has a " before and after it which shouldn't be there. Hmm, or does it..? I'm not so sure suddenly :thinking: But it's the only think I could think of seeing the TXT value and the token value seem to be equal.