SSL Cert Renewal - AWS LightSail

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: pizzapalpatha.com

I ran this command: ```
sudo certbot -d $DOMAIN -d $WILDCARD --manual --preferred-challenges dns certonly


It produced this output:Failed authorization procedure. pizzapalpatha.com (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.pizzapalpatha.com - ch
eck that a DNS record exists for this domain

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: pizzapalpatha.com
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.pizzapalpatha.com - check that a DNS record exists
   for this domain

My web server is (include version):WordPress

The operating system my web server runs on is (include version):Linux 

My hosting provider, if applicable, is:AWS

I can login to a root shell on my machine (yes or no, or I don't know):I Don't Know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):Yes AWS LightSail

The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot):(0.31.0-1+ubuntu16.04.1+certbot+1)

Do you understand the DNS authentication process?
Did you create the TXT record as requested?

I see records for: _acme-challenge.pizzapalpatha.com.pizzapalpatha.com

Thank you for your quick response. Yes I did add the TXT record. Note: Im very new to this topic, so bear with me.

1 Like

You need to add the record as “_acme-challenge” ONLY
NOT as “_acme-challenge.pizzapalpatha.com”.

You can delete all the records you created.

Oh ok. Let me try now. Thanks

Hi @virasim

checking your domain there is no TXT record visible - see https://check-your-website.server-daten.de/?q=pizzapalpatha.com#txt

Good news: There is no wrong TXT record visible.

The marked position - there are two entries required.

Share a screenshot or start again, create the required two TXT entries, recheck your domain. Then your entries should be visible.

PS: Curious: Checking your domain manual there are entries.

1 Like

You mean two TXT records, i.e. 1 with _acme-challenge.pizzapalpatha.com and next _acme-challenge ?

I tried the above, but I received the same error.

In your DNS control page DON’T add the domain to the record.
It puts the entire name you enter to the left of “.pizzapalpatha.com”
So if you add a record for “_acme-challenge.pizzapalpatha.com” it will create a record as:
_acme-challenge.pizzapalpatha.com.pizzapalpatha.com
Simpler: If you create WWW, then it creates:
WWW.pizzapalpatha.com
You don’t have to say the domain at the domain page.

As far as the TWO records, yes, you will need two records but they will both have the same name.
Merely two different contents (for the same record).

2 posts were split to a new topic: Site is not fully secure

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.