Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: chicagoearlylearning.org
I ran this command: ./acme.sh --renew -d chicagoearlylearning.org --challenge-alias ekicocvalidation.com --dns dns_gd
It produced this output:
It seems the CA server is busy now, let’s wait and retry.
[Tue May 7 20:55:10 CDT 2019] chicagoearlylearning.org:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.chicagoearlylearning.org
[Tue May 7 20:55:10 CDT 2019] Removing DNS records.
[Tue May 7 20:55:12 CDT 2019] Please add ‘–debug’ or ‘–log’ to check more details.
[Tue May 7 20:55:12 CDT 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
My web server is (include version): Apache
The operating system my web server runs on is (include version): Linux
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): No
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): acme
If you wish to use DNS Alias mode, you would need to create a CNAME that binds the two domains together.
_acme-challenge.chicagoearlylearning.org should be a CNAME to
But no such CNAME currently exists.
Thank you for your reply @_az . I have one question though.
What does it mean by
“It seems the CA server is busy now, let’s wait and retry.”
It's what's known as a "bad nonce" error, but it isn't something to worry about, because acme.sh knows how to deal with it automatically.
It can happen when acme.sh has to wait a while for e.g. GoDaddy to update your DNS challenge record.
Unfortunately, I am getting the same error for a different domain where I am issuing Lets Encrypt certificates for the first time. I checked and the DNS is updated for that domain as required.
[Tue May 14 13:26:31 CDT 2019] It seems the CA server is busy now, let’s wait and retry.
[Tue May 14 13:26:40 CDT 2019] chicagotraffictracker.com:Verify error:DNS problem: NXDOMAIN looking up TXT for _acme-challenge.chicagotraffictracker.com
[Tue May 14 13:26:40 CDT 2019] Removing DNS records.
[Tue May 14 13:26:42 CDT 2019] Please add ‘–debug’ or ‘–log’ to check more details.
[Tue May 14 13:26:42 CDT 2019] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
Please advice, Thank you
Your CNAME looks correct.
Were you still using
--challenge-alias in the attempt from your last post?
Yes, This is what I used
./acme.sh --issue -d chicagotraffictracker.com --challenge-alias ekicocvalidation.com --dns dns_gd
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.