DNS challenge with long wait

I ran this command: certbot certonly --manual --manual-public-ip-logging-ok -d example.com -d *.example.com
I can login to a root shell on my machine: yes
The version of my client is 0.28.0

I need 5 days to update the TXT record (challenge valid time is 7 days?), so I used the command above and pressed Ctrl+C after I got the TXT record.
After the TXT update I used that command again and certbot created a new challenge with a new TXT record. How do I update the certs correctly in my case?

Run your certbot in screen and check on it 5 days later?

5 days! Are you sending it by sea?

Certbot doesn’t have any mode of operation that would allow a pending authorization to get reused. Most ACME clients don’t.

Off the top of my head, one that does is Posh-ACME: https://github.com/rmbolger/Posh-ACME/wiki/(Advanced)-Semi-Manual-DNS-Challenge-Validation . You should be able to come back to it after 5 days.

screen is a good suggestion.

Another one is to permanently delegate your _acme-challenge. subdomain to a second domain using a CNAME record, and host that second domain’s DNS somewhere more sane.

Maybe. If I use that command again after an hour, it still uses the previous TXT record, so I decided that screen is unnecessary.

This is only if you already have an existing valid authorization for the domain on the account.

A pending challenge will never be re-used in a new order.

Unfortunately, DNS isn’t managed by me :frowning:
Thanks for the reply!

Can you get a CNAME added? And a second subdomain with A and NS records?

If you can, check acme-dns.
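
The CNAME delegation suggested in the replies above, worked through as an added example (not code from the thread or from any of the tools it mentions): it derives the DNS-01 validation name for each requested identifier, follows the one-time CNAME, and reports where the TXT record actually has to be published. The zone `acme.example.net`, the record values and all function names are assumptions made up for illustration.

```python
# Added illustration: zone data and names are constructed, not from the thread.
ZONE = {  # owner name -> (record type, value); constructed sample records
    "_acme-challenge.example.com.": ("CNAME", "example-com.acme.example.net."),
    "example-com.acme.example.net.": ("TXT", "constructed-token-digest"),
}

def validation_name(identifier):
    """DNS-01 validation name for a certificate identifier (RFC 8555, 8.4)."""
    base = identifier.lower().rstrip(".")
    if base.startswith("*."):
        base = base[2:]  # a wildcard is validated at the base domain's name
    return f"_acme-challenge.{base}."

def follow_cnames(name, zone, max_hops=8):
    """Follow CNAMEs in the zone data; return (final_name, chain)."""
    chain = [name]
    while zone.get(name, ("", ""))[0] == "CNAME":
        name = zone[name][1].lower()
        if name in chain or len(chain) > max_hops:
            raise ValueError(f"CNAME loop or chain too long at {name}")
        chain.append(name)
    return name, chain

def txt_location(identifier, zone, delegated_zone):
    """Name where the TXT must live, and whether it is in the delegated zone."""
    final, _chain = follow_cnames(validation_name(identifier), zone)
    in_delegated = final.endswith("." + delegated_zone.rstrip(".") + ".")
    return final, in_delegated

if __name__ == "__main__":
    # The two identifiers from the original command share one validation name,
    # so a single CNAME covers both the base domain and the wildcard.
    for ident in ("example.com", "*.example.com"):
        print(ident, "->", txt_location(ident, ZONE, "acme.example.net"))
```

Once the CNAME exists, each renewal only touches TXT records in the delegated zone, so the slow change process on the main zone is needed once rather than per challenge.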
