SSL certificate renwal

hi, i have a lightsail instance and I am trying to renew my SSL certificate but I am not able to do so.
My domain is and DNS is hosted on route53.

on running command it gives me challenge to enter against txt record but authentication is not going through.
Command : sudo certbot certonly --manual -d ‘’ -d ‘*’

after updating TXT records getting following on authorization

Failed authorization procedure. (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challeng

Hi @mrjunaidali

there are some checks of your domain -

No TXT entry is visible, not a correct, not a wrong.

Compare it with

Two of these entries with the same domain name are required if you want to create such a certificate with a wildcard and the main domain. is your name server. There you have to add the entries.

Perhaps create manual such an entry (without starting certbot), then recheck the domain to see, if the entry is visible.

1 Like

It looks like you managed to get your first cert almost 3 months ago and this is your first renewal.
Perhaps you did not write down exactly all the steps taken to get the original cert.
Or something has changed since then…

You mention ROUTE53 DNS hosting but the authoritative nameservers are seen as: nameserver = nameserver = nameserver = nameserver =

1 Like

Thanks for your reply. is there any alternative way to verify renewal without touching DNS? like uploading some verification files to server?



If you want to create a wildcard certificate, dns - validation is required.

1 Like

Thanks for your support! Yes it’s using google DNS . Will try again .

Thanks again for your quick support.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.