Lego.sh fails NXDOMAIN for GoDaddy DNS Challenge

Domelike0082 · January 19, 2023, 4:14am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:funwithtape.com

I ran this command: lego.sh

It produced this output: acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.funwithtape.com

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is: Godaddy

I can login to a root shell on my machine (yes or no, or I don't know): YES

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): not using certbot;

I just need to know where i would find/get the text i need to put in DNS for the acme challenge so this will create the cert i need.... Or what else am i missing?? i configured lego file with email, domain name, dns provider, and key info and private key info;

MikeMcQ · January 19, 2023, 4:50am

Can you confirm you followed the instructions below?
https://go-acme.github.io/lego/dns/godaddy/

Normally, if the lego DNS works it handles creating the needed TXT record. To access your DNS provider it uses the credentials per the config at the link above.

I don't know lego enough to advise on getting more detailed log info. And, I don't have a GoDaddy system to test with myself.

Domelike0082 · January 19, 2023, 4:52am

It finally worked trying like a 3rd or 4th time..... but now i'm getting a cert is invalid error..... lol

MikeMcQ · January 19, 2023, 5:04am

Maybe try increasing the propagation timeout in the Lego config?

Where are you seeing the invalid cert? I see your domain using a valid cert that was issued two days ago

Domelike0082 · January 19, 2023, 5:07am

So i think i have an idea how to fix my mess...... I'm using 2 different apps on my server and both want to use the secure ports... Wondering if i can use the same cert i already got for other app from letsencrypt? That app is securing connections fine to the server but the other app is still UNSECURE and i need to point to the other cert but sadly i can't recall where other cert was stored in the OS... i'm doing a search but it's kinda tedious?? Any clue where letsencrypt likes to store certs?

MikeMcQ · January 19, 2023, 5:10am

you'll have to check the Lego docs to see where it puts them

or, check the docs for the acme client that you used to get that other cert. or, let us know what that was

system · February 18, 2023, 5:10am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.