Using win-Acme to generate SAN cert for Exchange and I am receiving validation error below. I made sure the ports 80 and 443 were open and forwarded on my firewall.
How do I go about performing DNS validation of this?
Before you switch to DNS validation it's worth understanding why your https validation is not working. DNS validation can be just a little more complicated than http validation and I don't know what providers win-acme supports (I develop https://certifytheweb.com - which is an alternative).
You may need to run your renewal in some sort of verbose/debug mode but if port 80 is definitely being forwarded to the correct server (this one) and there is nothing blocking/consuming port 80 it should just work. The most common reasons are port 80 is no longer open in Windows Firewall, or at the VM/cloud level, or the machine just needs a restart.
I'd also normally expect a slightly more detailed error message when validation fails.
thanks for your help. I moved on to a different DNS provider and trying to use API from Cloudflare and Acmv2 (cloudflare plugin)
Do I have to create any DNS records in Cloudflare? How can I get this to work please?
Any help would be greatly appreciated!
Thank You
Cached order has status pending, discarding
[autodiscover.thedasilvafamily-us.com] Authorizing...
[autodiscover.thedasilvafamily-us.com] Authorizing using dns-01 validation (Cloudflare)
Unable to find or contact authoritative name servers for _acme-challenge.autodiscover.thedasilvafamily-us.com: Query 14704 => com IN NS on 8.8.8.8:53 timed out or is a transient error.
[autodiscover.thedasilvafamily-us.com] Error preparing for challenge answer
Create certificate failed: [autodiscover.thedasilvafamily-us.com] Error preparing for challenge answer
- No certificate generated