Trying to get the dns text to enter the dns challenge

I am trying to get the correct text to enter the DNS challenge in I ran Certbot. However, even though I entered "--debug-challenges" it did not show the expected text to enter the DNS challenge.

My domain is:

I ran this command:
certbot certonly --manual --manual-auth-hook /etc/letsencrypt/ --preferred-challenges dns --debug-challenges -d * -d
It produced this output:
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for - check that a DNS record exists for
this domain
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.40.0

You seem to be using acme-dns, which usually requires a CNAME pointing to the acme-dns instance. Did you do that step? I assume you read the acme-dns documentation, right? Otherwise you wouldn't be using as a manual auth hook I'd think.


Using this online tool search for DNS records on these results DNS Spy report for to find the DNS records (towards the bottom of the page).

Or using this online tool here are the DNS Records Hardenize Report:

And for those who like here are the results | DNSViz

And description of DNS-01 challenge

1 Like

And this is what I see with nslookup

$ nslookup
> server
Default server:
> set q=txt
Address:    text = "nothing"

And with the results are here

1 Like

Maybe I did not explain the problem well enough. I want to enter the CNAME for in my DNS. I followed this guide:

I may have misunderstood it, but though that it give me an output like this:

Output from
Please add the following CNAME record to your main DNS zone:
_acme-challenge.your-domain CNAME
Waiting for verification...
However, somehow the script continues to run, cleans up, and does not show the "add the following CNAME record to your main DNS...". Can you help?

Continuing the discussion from DNS providers who easily integrate with Let's Encrypt DNS validation:

1 Like

Hi Bruce,
Thank you for your investigation and clearly I did not explain the problem well enough. I want to be able to get a certificate but I have not been able to write the correct text into the text = "nothing" field. Can you help?


It will only show those instructions the very first time you run the hook. After that, not any longer.

You might be able the fetch the required CNAME value from the file /etc/letsencrypt/acmedns.json.


Thank you. I am in the process of moving to cloudflaire which is on your list.


Thanks, that was exactly what I was looking for.


Just giving credit where credit is due, the list is from @_az; I merely pointed to their list. :slight_smile:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.