A bit of background – This is an internal-only web server. I do have the ability to make DNS changes, and I did add the TXT record for this DNS name. The DNS record is not viewable via external DNS. Is that an issue?
My domain is: internal.server.com
I ran this command: `certbot certonly --manual --preferred-challenges dns-01 -d internal.server.com --dry-run`
It produced this output:
```
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for atsb-swpc-pup-svr-lx.swpc.noaa.gov
NOTE: The IP of this machine will be publicly logged as having requested this
certificate. If you’re running certbot in manual mode on a machine that is not
your server, please ensure you’re okay with that.
Are you OK with your IP being logged?
(Y)es/(N)o: y
Please deploy a DNS TXT record under the name
_acme-challenge.internal.server.com with the following value:
A1FLv4YvkWJ_LzBOz3hO4Irz6KCBbk_QUXPKG_SYFG0
Before continuing, verify the record is deployed.
Press Enter to Continue
Waiting for verification…
```
Here I run `watch -n1 host -t txt _acme-challenge.internal.server.com` on a separate terminal…
when it updates, I press ENTER
```
Cleaning up challenges
Failed authorization procedure. internal.server.com (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.internal.server.com
IMPORTANT NOTES:
 - The following errors were reported by the server:
   Domain: internal.server.com
   Type: None
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.internal.server.com
```
My web server is (include version): httpd v2.4.6
The operating system my web server runs on is (include version): RHEL 7.5
I can login to a root shell on my machine (yes or no, or I don’t know): Yes