My domain is: turbine2.co.uk
I ran this command:
certbot certonly --manual --preferred-challenges=dns --email david@turbine2.co.uk --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.turbine2.co.uk
It produced this output:
Please deploy a DNS TXT record under the name
_acme-challenge.turbine2.co.uk with the following value:
p-K-AEs7cujrFx_LuVth1T7SkhNO7ZlV8rJLwmUNi-0
Before continuing, verify the record is deployed.
Press Enter to Continue
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. turbine2.co.uk (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "i53uC_2HsqxmlQnW_VDJgPKa5kIe7k8Y6o46y1MgSp8" found at _acme-challenge.turbine2.co.uk
My web server is (include version): Apache 2.4 Debian
The operating system my web server runs on is (include version): Raspbian 5.4.51-v7+ #1327 SMP Thu Jul 23 10:58:46 BST 2020 armv7l
My hosting provider, if applicable, is: 123-reg (for DNS, home hosted for web)
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Yes (reg-123 control panel)
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): certbot 0.31.0
I initially ran the same command to create the wildcard domain and this has worked successfully. It's come to renewal time and I've tried the command again but it's not accepting that I have updated the DNS _acme-challenge TXT record (judging by the output of the error).
How long do I need to give it between updating the DNS record and it propagating to where LetsEncrypt recognises the change? I've tried up to 45 minutes so far but of course each time I try it I have to update with a new random string.
Many thanks for the guidance,
David