I ran this command: certbot certonly --manual --manual-public-ip-logging-ok -d example.com -d *.example.com
I can login to a root shell on my machine: yes
The version of my client is 0.28.0
I need 5 days to update TXT record (challenge valid time 7 days?), so I used command above and Ctrl+C after I got TXT record.
After TXT update I used that command again and certbot created a new challenge with new TXT record, how to update certs correct in my case?
Run your certbot in screen and check on it 5 days later?
5 days! Are you sending it by sea?
Certbot doesn’t have any mode of operation that would allow a pending authorization to get reused. Most ACME clients don’t.
Off the top of my head, one that does is Posh-ACME: https://github.com/rmbolger/Posh-ACME/wiki/(Advanced)-Semi-Manual-DNS-Challenge-Validation . You should be able to come back to it after 5 days.
screen is a good suggestion.
Another one is to permanently delegate your _acme-challenge. subdomain to a second domain using a CNAME record, and host that second domain’s DNS somewhere more sane.
Maybe. If I use that command again after an hour, it still use previous TXT record, so I decided that screen is unnecessary.
This is only if you already have an existing valid authorization for the domain on the account.
A pending challenge will never be re-used in a new order.
Unfortunately, DNS isn’t managed by me 
Thanks for reply!
can you get a cname added? and a second subdomain with a and ns records?
if you can, check acme-dns.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.