Invalid DNS record

_az · April 13, 2022, 11:03pm

franciscofabian:

    detail: 'Incorrect TXT record "ph-fuQOgWCC9VeqXIVYnor-vfx1WzIcxG3jVNK3191o" found at _acme-challenge.auth.runningplanandtrack.com',
    status: 403
  },
  url: 'https://acme-staging-v02.api.letsencrypt.org/acme/chall-v3/2177871348/7gJ0fw',
  token: 'ph-fuQOgWCC9VeqXIVYnor-vfx1WzIcxG3jVNK3191o',

I think it will be helpful if you read over the DNS challenge part of RFC8555 again carefully.

token does not go directly into the DNS TXT record.

You take the token from the challenge, and then:

Derive the key authorization by concatenating it to your JWK thumbprint
Calculate the SHA-256 digest of the value from (1)
Encode the value from (2) using base64url

... then put that in the DNS TXT record.

Topic		Replies	Views
Error valildating certificate Help	10	1004	August 15, 2021
Incorrect TXT record from AcmeClient.php Help	4	835	April 1, 2020
Invalid response from http://zak.paulx2.uk/.well-known/acme-challenge Help	4	427	August 21, 2023
Error urn:ietf:params:acme:error:dns Help	13	6682	January 21, 2022
"type": "dns", "value": "acmecentral.com" }, "status": "invalid" Help	4	666	February 10, 2022

Invalid DNS record

Related topics