Renewing certificates with dns01 challenge

Hello, I am obtaining a certificate using dn01 challenge. It is giving dns txt record to update in DNS, once this validation passed it is giving me certificate. As I got my certificate, should I keep the txt record in DNS as it is? or Can I delete that txt record ? . Need some inputs here!

Thanks

Hi @sai-dvenkatesh

your domain is checked, you have the certificate -> you can remove the TXT entry.

But if you have created that TXT manual: Letsencrypt certificates only 90 days valid. So you have to do that every 60 - 85 days with a new TXT entry.

PS: So better solution: Install a local client to automate that.

So @JuergenAuer you’re saying if I keep the TXT record , next time I don’t need to generate a new one. I can renew with the help of old one, and can have a chance to automate it? is there any link or documents that helps me to automate renewal certificates with dns challenge.

Next time you have to validate with a new (such as different) TXT entry. You better clean-up old TXT entries, there is a limit for checking.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.