Trying to create a wildcard certificate for *

I successfully created the SSL certificate for the domain a month ago on one server. Now I am trying to create the wildcard certificate for the domain *, but on another server. After a few unsuccessful tries, I decided to ask you for help.

Thank you very much in advance.

My domain is:

I ran this command: certbot certonly --manual --preferred-challenges dns --server --manual-public-ip-logging-ok -d *

It produced this output:

Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for

Please deploy a DNS TXT record under the name with the following value:
Before continuing, verify the record is deployed.

Press Enter to Continue
Waiting for verification...
Challenge failed for domain
dns-01 challenge for
Cleaning up challenges
Some challenges have failed.
- The following errors were reported by the server:
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for - check that a DNS record exists for this domain

My web server is (include version): node.js (6.14.4)

The operating system my web server runs on is (include version): Windows Server 2016

My hosting provider, if applicable, is: GoDaddy

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.5.0


Welcome to the Let's Encrypt Community, Slobodan :slightly_smiling_face:

You need to create a TXT record in your DNS with host/name of and the value specified by certbot (Z0Jt2AfXz1WIIh2dJd3jcw2GL1WCHCINgDqhY11xx0o).

After you create the TXT record, use the following tool to check that was created and propagated successfully. Look under ;ANSWER for the result.

See JuergenAuer's analysis below to understand what you did wrong.


Hi @skosanovic

you have created the wrong entry - see your check, some days old -

| Domainname | TXT Entry | Status | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|
| | | ok | 1 | 0 |
| | | Name Error - The domain name does not exist | 1 | 0 |
| | 3aWwG1jCxtkz9giAQ8_gZ_-YbVdFukWTitJxT77CZnc | perhaps wrong | 1 | 0 |
| | 4LzTSmUQrc4ZlcmAqSs000QiVt8JGxXLqWUBLojs_80 | perhaps wrong | 1 | 0 |
| | QK7vlP2I3JaDdik0fmdeF-osQxk27XBJ6ouEzEDqS4w | perhaps wrong | 1 | 0 |

Your menu adds your domain name, so your domain name is duplicated.

Use _acme-challenge as domain name.



This issue with appending the domain name to the host/name seems to be quite prevalent in many DNS managers. I wonder if appending a period would keep the host/name from being relative and thus prevent the issue. ->
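An added example, not part of the original posts and not code from certbot or any DNS provider: it models how a host/name field expands under zone-file rules (relative names get the zone appended, a trailing dot makes the name absolute) and compares the result with the name the CA queries for a wildcard dns-01 challenge. The domain `example.com` and all function names are assumptions; whether a given provider's web form honours the trailing dot is not something this code can tell you.

```python
# Added example: models RFC 1035 zone-file name handling, not any specific
# DNS provider's web form. example.com is a constructed placeholder domain.

def challenge_name(cert_domain: str) -> str:
    """Name the CA queries for dns-01; a leading wildcard label is dropped."""
    base = cert_domain.lower().rstrip(".")
    if base.startswith("*."):
        base = base[2:]
    return f"_acme-challenge.{base}"


def expand_host_field(host: str, zone: str) -> str:
    """Resolve a host/name field the way a zone file does.

    '@' or empty means the zone apex, a trailing dot marks an absolute name,
    and anything else is relative, so the zone name is appended.
    """
    host, zone = host.strip().lower(), zone.lower().rstrip(".")
    if host in ("", "@"):
        return zone
    if host.endswith("."):
        return host.rstrip(".")
    return f"{host}.{zone}"


def diagnose(host: str, zone: str, cert_domain: str) -> str:
    """Compare the record that would be created with the name the CA looks up."""
    wanted = challenge_name(cert_domain)
    actual = expand_host_field(host, zone)
    if actual == wanted:
        return f"OK: TXT record lands on {actual}"
    if actual == f"{wanted}.{zone}":
        return f"DUPLICATED ZONE: record lands on {actual}, CA queries {wanted}"
    return f"MISMATCH: record lands on {actual}, CA queries {wanted}"


if __name__ == "__main__":
    zone, cert = "example.com", "*.example.com"
    # Constructed host-field inputs: short form, full name, absolute name, apex.
    for entry in ("_acme-challenge", "_acme-challenge.example.com",
                  "_acme-challenge.example.com.", "@"):
        print(f"{entry!r:32} -> {diagnose(entry, zone, cert)}")
```

After saving the record, querying the authoritative name servers for the TXT record at the expected name confirms what the provider actually published.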


You think one small period will stop the Big Go Daddy Monster!

You would think that a simple check would catch the duplicate within the DNS manager.
"Are you sure you want to add xyz.YOUR-DOMAIN.YOUR-DOMAIN ?"

What's funny is that I wrote that and then went to see if they used GoDaddy or not.
[you guessed it]


Hi, Jurgen,

Thank you so much for your quick answer. This was the problem and you've found the solution.



