My domain is: camptrac.com
I ran this command: certbot certonly --agree-tos --manual --preferred-challenges=dns -d camptrac.com -d *.camptrac.com
It produced this output: # certbot certonly --agree-tos --renew-by-default --manual --preferred-challenges=dns -d camptrac.com -d *.camptrac.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for camptrac.com
dns-01 challenge for camptrac.com
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you’re running certbot in manual mode on a machine that is not
your server, please ensure you’re okay with that.
Are you OK with your IP being logged?
(Y)es/(N)o: Y
Please deploy a DNS TXT record under the name
_acme-challenge.camptrac.com with the following value:
FXbTE0_wG7LxIVmhcD_5wIMDuwH0XGvirPTaR7Z6QFc
Before continuing, verify the record is deployed.
Press Enter to Continue
Please deploy a DNS TXT record under the name
_acme-challenge.camptrac.com with the following value:
5dSOMpgO-vuQvnPILc-8GY1CK5ybP4gYfWyCWY2w9xc
Before continuing, verify the record is deployed.
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet. Note that you might be
asked to create multiple distinct TXT records with the same name. This is
permitted by DNS standards.)
Press Enter to Continue
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. camptrac.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record “k81yXf9CkKJ_5VIk_jdROVaxQOoB3hSZ3CBHzmKiDNY” (and 1 more) found at _acme-challenge.camptrac.com, camptrac.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record “k81yXf9CkKJ_5VIk_jdROVaxQOoB3hSZ3CBHzmKiDNY” (and 1 more) found at _acme-challenge.camptrac.com
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: camptrac.com
Type: unauthorized
Detail: Incorrect TXT record
“k81yXf9CkKJ_5VIk_jdROVaxQOoB3hSZ3CBHzmKiDNY” (and 1 more) found at
_acme-challenge.camptrac.comDomain: camptrac.com
Type: unauthorized
Detail: Incorrect TXT record
“k81yXf9CkKJ_5VIk_jdROVaxQOoB3hSZ3CBHzmKiDNY” (and 1 more) found at
_acme-challenge.camptrac.comTo fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): HA-Proxy version 1.5.18
The operating system my web server runs on is (include version): CentOS 7
My hosting provider, if applicable, is: Cygate AB
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.30.2
I first ran the command and updated the TXT records.
dig -t TXT _acme-challenge.camptrac.com @ns1.loopia.se +short
“k81yXf9CkKJ_5VIk_jdROVaxQOoB3hSZ3CBHzmKiDNY”
“rQNMAW1wuvoJXfZIjDYOdK6OvvXRJc1pNhHwHvK19X0”
But when I run the command to generate the certificate the value of the TXT record was changed and the authorization failed.