dear sir,
I tried to renew my ssl certificate but i received the below error :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for westad-m.com
dns-01 challenge for westad-m.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. westad-m.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: No TXT record found at _acme-challenge.westad-m.com, westad-m.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: No TXT record found at _acme-challenge.westad-m.com
IMPORTANT NOTES:
The following errors were reported by the server:Domain: westad-m.com
Type: unauthorized
Detail: No TXT record found at _acme-challenge.westad-m.comDomain: westad-m.com
Type: unauthorized
Detail: No TXT record found at _acme-challenge.westad-m.comTo fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Manual DNS authentication requires for you to manually create the required TXT record in your DNS zone ("_acme-challenge.westad-m.com").
Then you may need to wait until all your authoritative DNS servers are in sync before proceeding.
Try checking them first with: nslookup -q=txt _acme-challenge.westad-m.com ns1.contabo.net nslookup -q=txt _acme-challenge.westad-m.com ns2.contabo.net nslookup -q=txt _acme-challenge.westad-m.com ns3.contabo.net
thanks for your reply and I create the txt record in my dns zone as the below : Server: ns1.contabo.net
Address: 79.143.182.242#53
_acme-challenge.westad-m.com text = "ns2.contabo.net"
_acme-challenge.westad-m.com text = "ns3.contabo.net"
_acme-challenge.westad-m.com text = "ns1.contabo.net"
but i recived the below error :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for westad-m.com
dns-01 challenge for westad-m.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. westad-m.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "ns2.contabo.net" (and 2 more) found at _acme-challenge.westad-m.com, westad-m.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "ns3.contabo.net" (and 2 more) found at _acme-challenge.westad-m.com
IMPORTANT NOTES:
The following errors were reported by the server:
Domain: westad-m.com
Type: unauthorized
Detail: Incorrect TXT record "ns2.contabo.net" (and 2 more) found
at _acme-challenge.westad-m.com
Domain: westad-m.com
Type: unauthorized
Detail: Incorrect TXT record "ns3.contabo.net" (and 2 more) found
at _acme-challenge.westad-m.com
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
No the app should be asking you to create the TXT record with a value like EtG3sadsl5_PhDC0zCib7MCdeWldZu3y8HUc6P6mdPw, so your TXT record name is correct but the value is wrong and it will change every time you go to renew your certificate.
If you can't see the TXT record value you're supposed to be using when you run certbot, consider just using http validation instead or upgrading your (old) version of certbot.