Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: masterbook.info
I ran this command: I start the SSL creation process. Once I'm sure (using https://letsdebug.net/, https://mxtoolbox.com/ and https://dnsmap.io/) that the TXT record _acme-challenge has the correct value I try to finalize the process. I've tried many times and even waited 3 days to be sure. I run other sites on the same server, with the exact identical configuration and those are all secured with no issues.
It produced this output: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/14744358007.
Details:
Type: urn:ietf:params:acme:error:dns
Status: 400
Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.masterbook.info - check that a DNS record exists for this domain
My web server is (include version): IIS 10.0.17763.1
The operating system my web server runs on is (include version): Windows Server 2019 Standard 1809
My hosting provider, if applicable, is: aruba.it (for DNS only, website is on our own server)
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Obsidian Web Admin Edition Version 18.0.36
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): not sure
Do these DNS nameserver look correct to you?
masterbook.info. 0 IN NS dns3.arubadns.net.
masterbook.info. 0 IN NS dns.technorail.com.
masterbook.info. 0 IN NS dns4.arubadns.cz.
masterbook.info. 0 IN NS dns2.technorail.com.
Any TXT record change will need to have replicated to all of these nameservers for validation to work. I don't see your TXT record on any of them.
Also, manual DNS is one of the worst possible ways to do dns challenge validation, does Plesk supports any DNS APIs?
I'm still working on it so I could have done some change. Now with all the 3 services above (letsdebug, etc...) I can correctly see the TXT record.
Those dns are all of the provider, so yes, they look correct.
Plesk suggests to test using mxtoolbox.com, not sure about APIs.
Maybe I can read if there's something else using command prompt, using the UI there are no other options than press a button.
I could try to use a different DNS server, plesk can manage dns too.
But the weird fact is that I have other 4 websites/domain on the same server, with the same DNS server and a DNS configuration identical (well maybe not all really the same but at least 1 exactly the same and the others are the same for what concern TXT record), all secured with letsencrypt with no issues.
So the configuration is right?
I already open a ticket on the ISP platform few days ago but no answer so far.
They are investigating.
Is there something else I can do?
Btw I'll leave it like this until monday and try again.
