I am using sslforfree to register a new wildcard certificate for al my domains at elernic.co.ke. I’ve added the two txt records as requested but when I click verify TXT records I get this message.
“No TXT Record Found. Make to set the TTL to 1 second or if you cannot set the TTL then you must wait the TTL (in seconds) so it updates before verifying the domain. Contact your DNS provider if unsure.”
I have done an Nslookup and I can see the txt records thus I assume propagation is okay. Why won’t my browser not see them and verify?
Your domains is using 4 authoritative name servers:
$ dig elernic.co.ke ns ns +noall +answer
;; Warning, extra type option
; <<>> DiG 9.11.1 <<>> elernic.co.ke ns ns +noall +answer
;; global options: +cmd
elernic.co.ke. 86289 IN NS ns19.truehost.cloud.
elernic.co.ke. 86289 IN NS f.ns.buddyns.com.
elernic.co.ke. 86289 IN NS k.ns.buddyns.com.
elernic.co.ke. 86289 IN NS ns20.truehost.cloud.
Which are a bit different from the parent zone which is advertising this 4 (the ones by truehost are different and these ns servers are the ones configured in your registrar):
elernic.co.ke. 86400 IN NS f.ns.buddyns.com.
elernic.co.ke. 86400 IN NS k.ns.buddyns.com.
elernic.co.ke. 86400 IN NS ns15.truehost.cloud.
elernic.co.ke. 86400 IN NS ns16.truehost.cloud.
And, the buddyns servers aren’t answering requests for your domain:
$ dig _acme-challenge.elernic.co.ke @ns20.truehost.cloud txt +noall +answer
; <<>> DiG 9.9.7 <<>> _acme-challenge.elernic.co.ke @ns20.truehost.cloud txt +noall +answer
;; global options: +cmd
_acme-challenge.elernic.co.ke. 1 IN TXT "OpYbZngLmoXXoBsT9Uc9QlXKteCBpCVhdX2Vw5FBzuA"
_acme-challenge.elernic.co.ke. 1 IN TXT "hkDN5OI2YPFkxr2IyMNJPym9BTBFVRu7pAGMdYQIbho"
$ dig _acme-challenge.elernic.co.ke @ns19.truehost.cloud txt +noall +answer
; <<>> DiG 9.9.7 <<>> _acme-challenge.elernic.co.ke @ns19.truehost.cloud txt +noall +answer
;; global options: +cmd
_acme-challenge.elernic.co.ke. 1 IN TXT "hkDN5OI2YPFkxr2IyMNJPym9BTBFVRu7pAGMdYQIbho"
_acme-challenge.elernic.co.ke. 1 IN TXT "OpYbZngLmoXXoBsT9Uc9QlXKteCBpCVhdX2Vw5FBzuA"
$ dig _acme-challenge.elernic.co.ke @f.ns.buddyns.com txt +noall +answer
; <<>> DiG 9.9.7 <<>> _acme-challenge.elernic.co.ke @f.ns.buddyns.com txt +noall +answer
;; global options: +cmd
;; connection timed out; no servers could be reached
$ dig _acme-challenge.elernic.co.ke @k.ns.buddyns.com txt +noall +answer
; <<>> DiG 9.9.7 <<>> _acme-challenge.elernic.co.ke @k.ns.buddyns.com txt +noall +answer
;; global options: +cmd
;; connection timed out; no servers could be reached
No, I've no idea but if those ns servers are secondary "slaves" maybe you need to add them to truehost but as I said, I don't know the features of trruehost nor buddyns so that is something you will need to figure out