Trying to create a wildcard certificate for *

I successfully created the SSL certificate for the domain a month ago on one server. Now I am trying to create the wildcard certificate for the domain *, but on another server. After a few unsuccessful tries, I decided to ask for help from you.

Thank you very much in advance.

My domain is:

I ran this command: certbot certonly --manual --preferred-challenges dns --server --manual-public-ip-logging-ok -d *

It produced this output:

Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for

Please deploy a DNS TXT record under the name with the following value:
Before continuing, verify the record is deployed.

Press Enter to Continue
Waiting for verification...
Challenge failed for domain
dns-01 challenge for
Cleaning up challenges
Some challenges have failed.
- The following errors were reported by the server:
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for - check that a DNS record exists for this domain

My web server is (include version): node.js (6.14.4)

The operating system my web server runs on is (include version): Windows Server 2016

My hosting provider, if applicable, is: GoDaddy

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.5.0


Welcome to the Let's Encrypt Community, Slobodan :slightly_smiling_face:

You need to create a TXT record in your DNS with host/name of and the value specified by certbot (Z0Jt2AfXz1WIIh2dJd3jcw2GL1WCHCINgDqhY11xx0o).

After you create the TXT record, use the following tool to check that was created and propagated successfully. Look under ;ANSWER for the result.

See JuergenAuer's analysis below to understand what you did wrong.


Hi @skosanovic

you have created the wrong entry - see your check, some days old -

| Domainname | TXT Entry | Status | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|
| | | ok | 1 | 0 |
| | | Name Error - The domain name does not exist | 1 | 0 |
| | 3aWwG1jCxtkz9giAQ8_gZ_-YbVdFukWTitJxT77CZnc | perhaps wrong | 1 | 0 |
| | 4LzTSmUQrc4ZlcmAqSs000QiVt8JGxXLqWUBLojs_80 | perhaps wrong | 1 | 0 |
| | QK7vlP2I3JaDdik0fmdeF-osQxk27XBJ6ouEzEDqS4w | perhaps wrong | 1 | 0 |

Your menu adds your domain name, so your domain name is duplicated.

Use _acme-challenge as domain name.
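
The duplicated-name mistake diagnosed above can be caught before pressing Enter in certbot. The following is an added example, not part of the original posts: it computes the name the ACME server will query for a dns-01 challenge and compares it with the name a DNS manager would publish for a given host/name entry. The function names and `example.com` are constructed, and the expansion rules (relative names get the zone appended, a trailing dot makes the name absolute) are the zone-file convention, assumed here rather than confirmed for any particular provider's panel.

```python
# Added example: function names and the example.com values are constructed.

def challenge_name(cert_domain: str) -> str:
    """Name queried for dns-01: the wildcard label is dropped, then
    _acme-challenge is prepended."""
    base = cert_domain.lower().rstrip(".")
    if base.startswith("*."):
        base = base[2:]
    return f"_acme-challenge.{base}"

def expand_host_field(host: str, zone: str) -> str:
    """FQDN published for a host/name entry, assuming zone-file rules:
    '@' is the zone apex, a trailing dot means absolute, anything else
    is relative and gets the zone appended."""
    host, zone = host.strip().lower(), zone.lower().rstrip(".")
    if host in ("", "@"):
        return zone
    if host.endswith("."):
        return host[:-1]
    return f"{host}.{zone}"

def host_field_for(cert_domain: str, zone: str) -> str:
    """Relative value to enter in the host/name field for this certificate."""
    fqdn, zone = challenge_name(cert_domain), zone.lower().rstrip(".")
    if not fqdn.endswith("." + zone):
        raise ValueError(f"{fqdn} is not inside zone {zone}")
    return fqdn[: -len(zone) - 1]

def check_entry(host: str, cert_domain: str, zone: str):
    """Return (status, published_fqdn) for a planned TXT entry."""
    zone = zone.lower().rstrip(".")
    published = expand_host_field(host, zone)
    wanted = challenge_name(cert_domain)
    if published == wanted:
        return ("ok", published)
    if published == f"{wanted}.{zone}":
        # The full name was typed into a relative field: zone appended twice.
        return ("duplicated", published)
    return ("mismatch", published)

if __name__ == "__main__":
    for host in ("_acme-challenge.example.com", "_acme-challenge",
                 "_acme-challenge.example.com."):
        print(host, "->", check_entry(host, "*.example.com", "example.com"))
    print("enter:", host_field_for("*.dev.example.com", "example.com"))
```
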



This issue with appending the domain name to the host/name seems to be quite prevalent in many DNS managers. I wonder if appending a period would keep the host/name from being relative and thus prevent the issue. ->


You think one small period will stop the Big Go Daddy Monster!

You would think that a simple check would catch the duplicate within the DNS manager.
"Are you sure you want to add xyz.YOUR-DOMAIN.YOUR-DOMAIN ?"

What's funny is that I wrote that and then went to see if they used GoDaddy or not.
[you guessed it]


Hi, Jurgen,

Thank you so much for your quick answer. This was the problem and you've found the solution.