When attempting to renew, I get a failure as shown below. I’m attempting via dns and not HTTP as the cert needs to go on a node (load) balancer at linode which distributes http requests via many systems, so an http request is unlikely to go to the system I’m conducting the update no.
I have successfully renewed with the --test-cert option, but have not been successful while running live. (Command:
certbot certonly --test-cert --break-my-certs --manual --preferred-challenges dns -d ts.ackroydandstanley.com)
My associate has control of the domain and has been modifying the txt record as I’ve instructed, successfully for test runs, but not for live, so I believe he’s doing it correctly.
Attempting both with and without the “break certs” option on live renew attempts seems to make no difference.
Thank you for whatever assistance I can receive!
My domain is: ts.ackroydandstanley.com
I ran this command: certbot certonly --manual --preferred-challenges dns -d ts.ackroydandstanley.com
It produced this output:
[skipping routine Q &A ]
Please deploy a DNS TXT record under the name
_acme-challenge.ts.ackroydandstanley.com with the following value:
_d-cBQhivdnPbPP747QVooWsKm8WB1vcPt5Fx8vyolA
Before continuing, verify the record is deployed.
Press Enter to Continue
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
The request message was malformed :: Unable to update challenge :: authorization must be pending
My web server is (include version): Apache2
The operating system my web server runs on is (include version): Debian 9
My hosting provider, if applicable, is: Linode.com
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): certbot 0.28.0