DNS problem: NXDOMAIN looking up TXT for check that a DNS record exists for this domain

cblaze22 · February 6, 2020, 2:37pm

I cant figure out what is going on with this domain? The TXT seems to get added with the Windows Certify SSL/TLS Certification Manager 4.1.6.0 gui.

2020-02-06 08:52:18.472 -05:00 [INF] Performing automated challenge responses (peaktobrew.com)
2020-02-06 08:52:18.476 -05:00 [INF] DNS: Creating TXT Record ‘_acme-challenge.peaktobrew.com’ with value ‘dfsfsaf’, in Zone Id ‘p2brelay.com’ using API provider ‘GoDaddy DNS API’
2020-02-06 08:52:19.072 -05:00 [INF] DNS: GoDaddy DNS API :: DNS record added.
2020-02-06 08:52:19.072 -05:00 [INF] Requesting Validation from Let’s Encrypt: peaktobrew.com

…

20-02-06 08:53:22.096 -05:00 [INF] DNS problem: NXDOMAIN looking up TXT for acme-challenge.peaktobrew.com - check that a DNS record exists for this domain
2020-02-06 08:53:23.088 -05:00 [INF] DNS: Deleting TXT Record 'acme-challenge.peaktobrew.com’, in Zone Id ‘p2brelay.com’ using API provider ‘GoDaddy DNS API’
2020-02-06 08:53:23.678 -05:00 [INF] Validation of the required challenges did not complete successfully. DNS problem: NXDOMAIN looking up TXT for _acme-challenge.peaktobrew.com - check that a DNS record exists for this domain
2020-02-06 08:53:23.678 -05:00 [INF] Validation of the required challenges did not complete successfully. DNS problem: NXDOMAIN looking up TXT for _acme-challenge.peaktobrew.com - check that a DNS record exists for this domain
My web server is (include version):

Domain

peaktobrew.com

IIS

The operating system my web server runs on is (include version):

Windows Server 2016

My hosting provider, if applicable, is:

Azure

JuergenAuer · February 6, 2020, 3:23pm

Hi @cblaze22

checking your domain there is no critical error visible.

What client do you use? Is there an option so your client waits after creating the TXT entries?

If yes, use that, then recheck your domain - https://check-your-website.server-daten.de/?q=peaktobrew.com#txt - to see, if the TXT entries are created.

Other question: Why do you use dns validation? Do you want to create a wildcard?

Please answer all of the questions of the standard template.

cblaze22 · February 6, 2020, 3:42pm

I am using the Windows Certify SSL/TLS Certification Manager 4.1.6.0 gui. I am using DNS validation because I always have and have access to the Godaddy account.

jvanasco · February 6, 2020, 4:49pm

There aren’t any DNS TXT records published for this domain. The issue could be that godaddy has internal caching.

if you’re able to, i strongly suggest using acme-dns when doing dns challenges (https://github.com/joohoi/acme-dns). It’s a small DNS server that you can set up to only handle acme dns challenges. switching to that for letsencrypt usually fixes most problems that people have with commercial dns providers.

cblaze22 · February 7, 2020, 2:12pm

So I received access to this Godaddy account and the TXT challenge entries are being added to the main domain instead of it’s specific domain. Basically the challenge entries are added to p2brelay.com along with peak2brew.com and peaktobrew.com. Shouldnt the TXT entries be added to the DNS of the specific domain and not p2brelay.com?

JuergenAuer · February 7, 2020, 2:44pm

You have to create an entry

_acme-challenge.peaktobrew.com

p2brelay.com isn't relevant. Looks like you use the wrong account or the correct account with wrong parameters. But I don't use GoDaddy or that API, so I don't know the details.

PS: Read

cblaze22 · February 7, 2020, 3:33pm

I think this is a bug in the actual CertifyTheWeb application. I posted this situation in it’s issues section on GitHub.

system · March 8, 2020, 3:33pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.