Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: hydra-key.com
I ran this command:
certbot certonly --manual --preferred-challenges=dns --server https://acme-v02.api.letsencrypt.org/directory --email email@example.com -d *.hydra-key.com
It produced this output:
Please deploy a DNS TXT record under the name:
with the following value:
Before continuing, verify the TXT record has been deployed. Depending on the DNS
provider, this may take some time, from a few seconds to multiple minutes. You can
check if it has finished deploying with aid of online tools, such as the Google
Admin Toolbox: Dig (DNS lookup).
Look for one or more bolded line(s) below the line ';ANSWER'. It should show the
value(s) you've just added.
Press Enter to Continue
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Detail: DNS problem: query timed out looking up TXT for _acme-challenge.hydra-key.com
Hint: The Certificate Authority failed to verify the manually created DNS TXT records. Ensure that you created these in the correct location, or try waiting longer for DNS propagation on the next attempt.
The operating system my web server runs on is (include version): Mac monteray
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): certbot 1.19.0
This inquiry is translated from Korean to English.
We are inquiring about a problem while issuing a certificate through certbot.
When checking the error message, DNS TXT cannot be verified.
DNS TXT records can be checked when _acme-challenge.hydra-key.com is viewed from Dig (DNS lookup).
You can check it at Dig (DNS lookup), but I want to know why it is printed out that it cannot be checked in the certbot.