Please fill out the fields below so we can help you better.
My domain is:mjva.burff.com
I ran this command: certbot -d mjva.burff.com --manual --preferred-challenges dns certonly
It produced this output: Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.mjva.burff.com
My operating system is (include version): centos 7.3
My web server is (include version):httpd-2.4.6-45.el7.centos.x86_64
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no
i am root shell and add the txt record in my dns server noip.com
and i run the next command
dig -t txt mjva.burff.com
and received this mjva.burff.com. 359 IN TXT "_acme-challenge.mjva.burff.com J1kBfoT3qkHgFnKPYpLBeUSyIkWW31dHKx17OPmsFSI"
i change the record every time that i try to validate via dns but every time received the same error
i am use dns challenge because my provider don’t allow use port 80 or 443
The contents of the value of the TXT record only has to be the token. Just those “random” letters. The _acme-challenge part is the field which has to prepend your hostname. As in: _acme-challenge + mjva.burff.com = _acme-challenge.mjva.burff.com.
You already have a TXT record for the _acme-challenge.mjva.burff.com hostname:
_acme-challenge.mjva.burff.com. 360 IN TXT "_acme-challenge.mjva.burff.com TKx91zLSw-5pKksK211lRasjV0FVqVj7NwJO2unIYgs"
But you’ve (also) got (from your post):
mjva.burff.com. 360 IN TXT "_acme-challenge.mjva.burff.com TKx91zLSw-5pKksK211lRasjV0FVqVj7NwJO2unIYgs"
Which leads me to believe you’ve got some kind of wildcard TXT record set up. That shouldn’t be necessary, you only need to have a TXT record for _acme-challenge.mjva.burff.com.
So now you’ve got:
mjva.burff.com. 360 IN TXT "_acme-challenge.mjva.burff.com TKx91zLSw-5pKksK211lRasjV0FVqVj7NwJO2unIYgs"
(not used)
and
_acme-challenge.mjva.burff.com. 360 IN TXT "_acme-challenge.mjva.burff.com TKx91zLSw-5pKksK211lRasjV0FVqVj7NwJO2unIYgs"
(the correct hostname, but the incorrect value of the TXT record)
Which should be:
_acme-challenge.mjva.burff.com. 360 IN TXT "TKx91zLSw-5pKksK211lRasjV0FVqVj7NwJO2unIYgs"
Some DNS providers do have trouble with names like this, but you can assure them that it’s fully permitted by Internet standards and already used by some other Internet protocols!
As I said, there already is a _acme-challenge.mjva.burff.com hostname, but just not with the correct contents.
Perhaps you can do exactly as you did before, but now with the correct value of the TXT record (i.e., without the _acme-challenge in the value of the record).