I ran this command:certbot certonly --manual --preferred-challenges dns --server https://acme-v02.api.letsencrypt.org/directory -d websitesify.com -d *.websitesify.com
It produced this output:
Requesting a certificate for websitesify.com and *.websitesify.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name:
_acme-challenge.websitesify.com.
with the following value:
VV-AVssgXyvPZDLCAWvvptXZkDcAkp2bM9aQRNGJH4k
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name:
_acme-challenge.websitesify.com.
with the following value:
rT8bJFrkIQrJf41EgE2S0PNe6gMe-8FawKPaRdZLM9U
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet. Note that you might be
asked to create multiple distinct TXT records with the same name. This is
permitted by DNS standards.)
Before continuing, verify the TXT record has been deployed. Depending on the DNS
provider, this may take some time, from a few seconds to multiple minutes. You can
check if it has finished deploying with aid of online tools, such as the Google
Admin Toolbox: https://toolbox.googleapps.com/apps/dig/#TXT/_acme-challenge.websitesify.com.
Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
value(s) you've just added.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: websitesify.com
Type: dns
Detail: DNS problem: query timed out looking up TXT for _acme-challenge.websitesify.com
Domain: websitesify.com
Type: dns
Detail: DNS problem: query timed out looking up TXT for _acme-challenge.websitesify.com
Hint: The Certificate Authority failed to verify the manually created DNS TXT records. Ensure that you created these in the correct location, or try waiting longer for DNS propagation on the next attempt.
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
I can login to a root shell on my machine:yes
I'm using a control panel to manage my site:Cpanel
The version of my client is:certbot 1.21.0
My domain TXT records are working fine but i don't know how letsencrypt fails the verification
I have executed the above command but again got the same TXT Lookup error, But TXT entries updated properly i have cross-verified it using Dig command and Dig (DNS lookup).
I have deleted old TXT Records Entries and added few new TXT records
Still Facing Same Issue
unboundtest output :
Query results for TXT _acme-challenge.websitesify.com.
----- Unbound logs -----
Nov 14 13:24:16 unbound[508679:0] notice: init module 0: validator
Nov 14 13:24:16 unbound[508679:0] notice: init module 1: iterator
Nov 14 13:24:16 unbound[508679:0] info: start of service (unbound 1.16.3).
Nov 14 13:24:17 unbound[508679:0] query: 127.0.0.1 _acme-challenge.websitesify.com. TXT IN
Nov 14 13:24:17 unbound[508679:0] info: resolving _acme-challenge.websitesify.com. TXT IN
Nov 14 13:24:17 unbound[508679:0] info: priming . IN NS
Nov 14 13:24:17 unbound[508679:0] info: response for . NS IN
Nov 14 13:24:17 unbound[508679:0] info: reply from <.> 202.12.27.33#53
Nov 14 13:24:17 unbound[508679:0] info: query response was ANSWER
Nov 14 13:24:17 unbound[508679:0] info: priming successful for . NS IN
Nov 14 13:24:17 unbound[508679:0] info: response for _acme-challenge.websitesify.com. TXT IN
Nov 14 13:24:17 unbound[508679:0] info: reply from <.> 2001:503:c27::2:30#53
Nov 14 13:24:17 unbound[508679:0] info: query response was REFERRAL
Nov 14 13:24:17 unbound[508679:0] info: response for _acme-challenge.websitesify.com. TXT IN
Nov 14 13:24:17 unbound[508679:0] info: reply from <com.> 2001:500:856e::30#53
Nov 14 13:24:17 unbound[508679:0] info: query response was REFERRAL
Nov 14 13:24:21 unbound[508679:0] info: Capsforid: timeouts, starting fallback
Error running query: read udp 127.0.0.1:51274->127.0.0.1:1053: i/o timeout