DNS problem: NXDOMAIN looking up TXT for _acme-challenge check that a DNS record exists for this domain

Probably because the namesilo DNS script already returns an error? Although the log isn't very helpful:

[Sun Nov 21 21:28:44 CET 2021] txtdomain='_acme-challenge.asellus.org'
[Sun Nov 21 21:28:44 CET 2021] txt='****'
[Sun Nov 21 21:28:44 CET 2021] d_api='/home/mluerig/.acme.sh/dnsapi/dns_namesilo.sh'
[Sun Nov 21 21:28:44 CET 2021] Found domain api file: /home/mluerig/.acme.sh/dnsapi/dns_namesilo.sh
[Sun Nov 21 21:28:44 CET 2021] Adding txt value: **** for domain:  _acme-challenge.asellus.org
[Sun Nov 21 21:28:44 CET 2021] Retrying GET
[Sun Nov 21 21:28:44 CET 2021] GET
[Sun Nov 21 21:28:44 CET 2021] url='https://www.namesilo.com/api/listDomains?version=1&type=xml&key=****'
[Sun Nov 21 21:28:44 CET 2021] timeout=
[Sun Nov 21 21:28:44 CET 2021] displayError='1'
[Sun Nov 21 21:28:44 CET 2021] _CURL='curl --silent --dump-header /home/mluerig/.acme.sh/http.header  -L  -g '
[Sun Nov 21 21:28:45 CET 2021] ret='0'
[Sun Nov 21 21:28:45 CET 2021] _hcode='0'
[Sun Nov 21 21:28:45 CET 2021] host='asellus.org'
[Sun Nov 21 21:28:45 CET 2021] Unable to find domain specified.
[Sun Nov 21 21:28:45 CET 2021] Error add txt for domain:_acme-challenge.asellus.org
[Sun Nov 21 21:28:45 CET 2021] _on_issue_err
[Sun Nov 21 21:28:45 CET 2021] Please check log file for more details: /home/mluerig/.acme.sh/acme.sh.log

:frowning:

Something seems to be wrong with the namesilo part.. But what?

2 Likes

This also happened with the python script I used with certbot: there was no waiting time at all.

Is there something I have overlooked with namesilo? Also, I just bought the domain yesterday, if that matters...

It might be due to that. The response in the acme log is "Unable to find domain specified", as if the API doesn't recognise it (yet).

2 Likes

ok...guess I should have said that earlier. so I will wait a bit longer then

You'll need to do some individualized NameSilo DNS API testing before circling back to certbot.

Read through their site for help on such testing.

1 Like

Tell me Rudy, how would one do that? :stuck_out_tongue:

Oeehh, sneaky edit! Well.. I'm not sure if API providers provide instructions on how to test their API.. :scream:

2 Likes

Answered before you asked - LOL

I was still typing! - LOL

1 Like

well, it has been almost 48 hours and neither certbot nor acme work (same errors). however, I noticed when I try to reach the domain under https://www.asellus.org, there appears to be a certificate after all.

I am now entirely confused - does that mean that one of my attempts worked, and that I now need a .htacess file or a DNS record to point www.asellus,org and asellus.org to https://www.asellus.org? At least I remember having done something similar long ago on a wordpress blog ... :sweat_smile:

With certbot you can check with the command certbot certificates, which should list the certificate if certbot generated it. I don't know how acme.sh produces such a list, although I know it is able to.

2 Likes
Name:      the-asellus-consortium.github.io
Addresses: 2606:50c0:8002::153
           2606:50c0:8003::153
           2606:50c0:8000::153
           2606:50c0:8001::153
           185.199.109.153
           185.199.110.153
           185.199.111.153
           185.199.108.153
Aliases:   www.asellus.org

Name:      asellus.org
Addresses: 185.199.111.153
           185.199.108.153
           185.199.109.153
           185.199.110.153
1 Like

apparently github-pages autogenerates certificates, so it's solved.

still don't understand why the dns-01 challenges with certbot and acme failed

With certbot you can check with the command certbot certificates , which should list the certificate if certbot generated it. I don't know how acme.sh produces such a list, although I know it is able to.

no certificates were generated

acme.sh --list

Same here :frowning:

1 Like