Hi All,
I use le64.exe to generate my certificates, this works great and I have scripted the process.
When I first used this I tested about a week later and it renewed fine and gave a new certificate, however, when I try to renew my certificates today (using the same script) it prompts me to set a DNS TXT record.
How long does LetsEncrypt consider the DNS validation valid for - Updating the TXT record is a manual process so negates the benefit of scripting this to be automatic.
2018/05/20 14:31:21 [ ZeroSSL Crypt::LE client v0.31 started. ]
2018/05/20 14:31:21 Loading an account key from LetsEncryptKey.txt
2018/05/20 14:31:21 Account key loaded.
2018/05/20 14:31:21 Loading a CSR from perth_and_wildcard_perth.csr
2018/05/20 14:31:21 Loaded domain names from CSR: mydomain.co.uk, *.mydomain.co.uk
2018/05/20 14:31:21 CSR loaded.
2018/05/20 14:31:21 Checking certificate for expiration (local file).
2018/05/20 14:31:21 Expiration threshold set at 180 days, the certificate expires in 58 days - will be renewing.
2018/05/20 14:31:23 Directory loaded successfully.
2018/05/20 14:31:23 Registering the account key
2018/05/20 14:31:23 Key is already registered, reg path: https://acme-v02.api.letsencrypt.org/acme/acct/30891302.
2018/05/20 14:31:23 TOS has changed, you may need to accept it again.
2018/05/20 14:31:23 Account ID: 30891302
2018/05/20 14:31:23 Registration success: TOS change status - 1, new registration flag - 0.
2018/05/20 14:31:23 The key is already registered. ID: 30891302
2018/05/20 14:31:23 Make sure to check TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf
2018/05/20 14:31:23 Accepted TOS.
2018/05/20 14:31:23 Current contact details: ZeroSSL@myemail.com
2018/05/20 14:31:24 Could not finalize an order.
2018/05/20 14:31:24 Requesting challenge for domain mydomain.co.uk.
2018/05/20 14:31:24 Received challenges for mydomain.co.uk.
2018/05/20 14:31:24 Requesting challenge for domain *.mydomain.co.uk.
2018/05/20 14:31:24 Received challenges for *.mydomain.co.uk.
2018/05/20 14:31:24 Requested challenges for 2 domain(s).
Challenge for 'mydomain.co.uk' requires the following DNS record to be created:
Host: _acme-challenge.mydomain.co.uk, type: TXT, value: MUcz5d_ahRC03e4tY7TbsadaqTdR0-fj1idKIesp0o
Wait for DNS to update by checking it with the command: nslookup -q=TXT _acme-challenge.mydomain.co.uk
When you see a text record returned, pressChallenge for '*.mydomain.co.uk' requires the following DNS record to be created:
Host: _acme-challenge.mydomain.co.uk, type: TXT, value: EnPPdReq55DRlzo5gV2sFVnmMzU1lXg1-bJkdoxMI-Q
Wait for DNS to update by checking it with the command: nslookup -q=TXT _acme-challenge.mydomain.co.uk
When you see a text record returned, press2018/05/20 14:31:40 Accepted challenges for 2 domain(s).
2018/05/20 14:31:42 Processing the 'dns' verification for 'mydomain.co.uk'
2018/05/20 14:31:42 Domain verification results for 'mydomain.co.uk': error. Incorrect TXT record "38sfguC4OovmrFYygDeasdasdhS50ZKFGnWw1DP_k" found at _acme-challenge.mydomain.co.uk
2018/05/20 14:31:42 You can now delete '_acme-challenge.mydomain.co.uk' DNS record
2018/05/20 14:31:42 Domain mydomain.co.uk has failed verification (status code 200).
2018/05/20 14:31:44 Processing the 'dns' verification for '.mydomain.co.uk'
2018/05/20 14:31:44 Domain verification results for '.mydomain.co.uk': error. Incorrect TXT record "38sfguC4OovmrFYygDeasdasdhS50ZKFGnWw1DP_k" found at _acme-challenge.mydomain.co.uk
2018/05/20 14:31:44 You can now delete '_acme-challenge.mydomain.co.uk' DNS record
2018/05/20 14:31:44 Domain *.mydomain.co.uk has failed verification (status code 200).
2018/05/20 14:31:44 All verifications failed
2018/05/20 14:31:44 All verifications failed
Thanks in advance!