Domain validation with DNS

patelbhavin8008 · February 8, 2018, 8:13am

Hi,

I am trying to configure letsencrypt ssl. Here either we need to do https domain validation or DNS. as my hositng provider does not give .well-known directory to user as it is used for some server configurations so i need to do DNS validation.

But here also I have issue as below

For DNS validation we need to create subdomain with underscore (_) link as below

_acme-challenge.domian.com
_acme-challenge.www.domain.com

now underscore () is not valid character for domain names so hosting provider does not allow to create sub domain with (). I check this with few hositng provider all does not allow underscore.

So how can i valide now for ssl

_az · February 8, 2018, 9:19am

This is the mistake of the host.

DNS and related specifications allow for underscores to be present at the beginning of labels for CNAME, SRV and TXT records. The fact that they are not valid host names is an intentional side effect of using underscores.

Underscores are already widely used for DKIM and SIP configurations, Let's Encrypt is not using them in a novel way.

The majority of reputable DNS hosts do support their use in these ways.

You will not be able to use the DNS challenge unless your hosts allows it, so you will either need to use the HTTP challenge, or move to another DNS host.

system · March 10, 2018, 9:19am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Requested domain is not a FQDN	2	10866	January 2, 2016
Request certificate with underscore character Help	3	675	August 3, 2023
DNS01 _acme-challenge subdomain Help	3	4328	March 21, 2020
Underscore ("_") as a valid domain name? Server	6	17857	May 21, 2017
Going the DNS-route without _ prefix Help	3	1139	April 3, 2017

Domain validation with DNS

Related topics