Hi,
Can you please help me certificate generation.
I'm trying to generate * certificate for my Azure app using Poshacme utility.
I created dns zone for test first, with domain: spuffingbot.com
I tried few variations of commadns both with manual plugin and Azure plugin.
New-PACertificate 'spuffingbot.com' -Contact '.com'
New-PACertificate www.spuffingbot.com -Contact '.com'
PS C:\WINDOWS\system32> $pArgs = @{
AZSubscriptionId = $subscriptionID AZTenantId = $tenantID AZAppCred = $appCred
}
New-PACertificate 'SpuffingBot.com','*.SpuffingBot.com' -verbose -Plugin Azure -PluginArgs $pArgs -DnsSleep 500
Here is the error message that I'm getting:
Submit-ChallengeValidation : Authorization invalid for spuffingbot.com: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.spuffingbot.com - check that a DNS record exists for this domain At C:\Program Files\WindowsPowerShell\Modules\Posh-ACME\4.19.0\Public\New-PACertificate.ps1:253 char:9
-
Submit-ChallengeValidation
-
~~~~~~~~~~~~~~~~~~~~~~~~~~
- CategoryInfo : OperationStopped: (Authorization i...for this domain:String) [Submit-ChallengeValidation
], RuntimeException - FullyQualifiedErrorId : Authorization invalid for spuffingbot.com: DNS problem: NXDOMAIN looking up TXT for _acm
e-challenge.spuffingbot.com - check that a DNS record exists for this domain,Submit-ChallengeValidation
- CategoryInfo : OperationStopped: (Authorization i...for this domain:String) [Submit-ChallengeValidation
Also I tried to debug, and here is failed validation message that I got:
{
"status": "invalid",
"expires": "2023-09-25T23:59:42Z",
"identifiers": [
{
"type": "dns",
"value": "spuffingbot.com"
}
],
"authorizations": [
"https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/8369206794"
],
"finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/118556394/11019577794" }
I am seeing TXT records created on DNS zone (and tried to create manually) and they are reacheble via dig or nslookup, every tyme.
I'm on Windows 10 machine, DNS zone is created on Azure.
I probably miss something, please let me know if any more inforamtion is needed. Thx.