Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: accounts.hillmangroup.net
I ran this command: I'm using Certify The Web app
It produced this output:
[ERR] DNS update failed: Azure DNS API :: Operation returned an invalid status code 'NotFound'
My web server is (include version): N/A
The operating system my web server runs on is (include version): N/A
My hosting provider, if applicable, is: N/A (azure for DNS)
I can login to a root shell on my machine (yes or no, or I don't know): N/A
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
I am using Certify The Web desktop app for testing/validation of DNS challenges against Azure hosted DNS via a service principal. In order to limit the access of this service principal I created a child domain (_acme-challenge.accounts.hillmangroup.net).
If I run the 'test' function in the app - it creates and deletes the expected TXT record in the child domain without issue. Confirmed via Azure audit logs. When I attempt to issue a cert - it fails with error:
DNS update failed: Azure DNS API :: Operation returned an invalid status code 'NotFound'
I can generate a cert without fail if I do not create a child zone - using same service principal. I've opened a case with MS and posting here on the chance this has a simple explanation.