What do i add as host/name


#1

hi guys,

what do add as name/host on below or is it nothing?

Add the following TXT records below to the DNS server for each domain (In the Time to Live (TTL) field, enter 1):
Add TXT record with the name/host _acme-challenge.mywebsite.com with the value nD2jUBjjkhZLTBVkKUYry-JmZznZhAz8YbcTDyu
Add TXT record with the name/host _acme-challenge.www.mywebsite.com with the value HzvtFJEL-pTzvhnDVSnwioRw1IvDdV0-ZqUTGToT

i have added it like this please see attached image

after my settings above i get this message:
No TXT Record Found. Make to set the TTL to 1 second or if you cannot set the TTL then you must wait the TTL (in seconds) so it updates before verifying the domain. Contact your DNS provider if unsure.

if is wrong is it possible to see a sceenshot from you guys of dns settings?

warm regards Birken


#2

You might try just _acme-challenge and _acme-challenge.www - assuming the other subdomains in that screenshot are working, it looks like your DNS interface is probably adding the .mydomain.com part automatically.


#3

i have no added it like this:

still get this message when trying to verify: https://www.sslforfree.com/create?dns_txt_verify=_acme-challenge.mysite.com

message:
No TXT Record Found. Make to set the TTL to 1 second or if you cannot set the TTL then you must wait the TTL (in seconds) so it updates before verifying the domain. Contact your DNS provider if unsure.


#4

Could you please show the affected domain name?


#5

here it is http://www.temporary-url.com/9FB


#6

Try using the following host name in your dns settings:

_acme-challenge.your-domain.
_acme-challenge.www.your-domain.

The trailing dot is important to clarify that the name is not anchored at the origin, but is a fqdn instead.
Besides: there is no reason in hiding your domain name.


#7

hello, it remove my-domain. automatic.
so it still showing like this;

_acme-challenge
_acme-challenge.www

https://www.sslforfree.com/create?dns_txt_verify=_acme-challenge.webexperterna.se

any ideas?


#8

Then you should ask your hosting/DNS support, why the TXT records are not getting propagated to the name servers.


#9

this it what host say:

I can give for about 4 hours but it’s not guarantee, what is guaranteed is that it will be updated, you’ve setup the records correctly with no issues.

is this correct?


#10

You have to rely on what your provider says, it’s simple as that.
The entries at least look correct.


#11

If your DNS host is saying that DNS entries may take over four hours to propagate within their own system, I’d say it’s time to find a new DNS host–that’s just ridiculous.


#12

Hi @birken,

I suppose your hosting provider is saying that the records will be propagated in 4 hours because as shown in one of the screenshots, for some records, you have defined a max TTL of 14400 seconds (4 hours) and that is the time a dns resolver will keep your records in the cache but you don’t need to wait that time because LE doesn’t cache records, well, it does but just 60 seconds as far as I know.

So, the important thing is when the authoritative dns servers for your domains are updated once you have added or modified a record.

The authoritative dns servers for your domain are:

$ dig webexperterna.se ns +short
ns1.svenskwebbhotell.se.
ns2.svenskwebbhotell.se.

So, once you add the TXT record for _acme-challenge.webexperterna.se you should check that both authoritative dns servers answer with the new record:

dig @ns1.svenskwebbhotell.se _acme-challenge.webexperterna.se txt +short
dig @ns2.svenskwebbhotell.se _acme-challenge.webexperterna.se txt +short

If both commands give you the right TXT record you are done, you could try to issue your LE certificate using dns challenge, you don’t need to wait more (neither 4 hours nor 1 second) :wink:

Note: Regarding www.webexperterna.se seems you have defined 3 ns records for this domain too:

$ dig www.webexperterna.se ns +short
webexperterna.se.
ns1.svenskwebbhotell.se.
ns2.svenskwebbhotell.se.

It is not usual to have such configuration but it could work, just keep in mind that the 3 dns authoritative servers should answer with the same modified/added TXT record for _acme-challenge.www.webexperterna.se

Cheers,
sahsanu


#13

wow thx mate it seem to work now :slight_smile:


#14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.