I successfully obtain a wildcard certificate for mftj.ca by running this command :
sudo certbot -d *.mftj.ca --manual --preferred-challenges dns certonly
I tried three times for the ptcs.app domain on the same server but it is not working :
sudo certbot -d *.ptcs.app --manual --preferred-challenges dns certonly
It produced this output:
Please deploy a DNS TXT record under the name
_acme-challenge.ptcs.app with the following value:
Before continuing, verify the record is deployed.
Press Enter to Continue
Waiting for verification...
Challenge failed for domain ptcs.app
dns-01 challenge for ptcs.app
Cleaning up challenges
Some challenges have failed.
My web server is (include version): nginx 1.18.0
The operating system my web server runs on is (include version): ubuntu 20.10
I can login to a root shell on my machine (yes or no, or I don't know): yes
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 1.7.0
Thank you for your help !
Where did you enter those TXT records?
Did you do it in your Azure DNS panel? Because doing a nslookup, I couldn't locate your TXT record under
Yes I know,
I flush it this morning.
But when I was trying to continue with certbot, I can have the TXT record at home and at work place too. I have wait for many hours after that before continue with certbot.
I have done the same step that my mftj.ca domain. It is why I don't understand.
I still don't see the record on my end.
I'm not sure what you have now...
Can you try to add a record under
_acme-challenge.ptcs.app with a TXT value of "test" ?
Yes it's done. I have added "test" as TXT record.
But don't forget what I said, I delete the record this morning. It is why you don't see it.
The print screen I join is to show that the record was existing when I continued the process with certbot.
Three times I have tried with the same result.
It was very easy with mftj.ca, but cannot proceed with ptcs.app
Thank you for your help !
Ohhh... Sorry I was confused of what "flush" means in this case..
Checking the record, I still didn't see anything under TXT for that subdomain.
Can you confirm you did add it to the correct place?
I think I found out what's the issue.
You need to add the TXT validation record at
_acme-challenge, not at
And some good news: since you are using Azure DNS, the easiest way for you to use DNS validation is to use certbot's Azure DNS API plugin. certbot-dns-azure · PyPI
You'll be able to fully automated the renewal process for your certificate if you have a valid DNS plugin or hook, so you don't need to spend some time figuring out what to do next!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.