Where do I write/create DNS text record?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: app.oliveuion.com

I ran this command: sudo certbot certonly -d admin.oliveunion.com --manual --preferred-challenges dns-01 --force-renewal --manual-public-ip-logging-ok

It produced this output:
Performing the following challenges:
dns-01 challenge for admin.oliveunion.com

Please deploy a DNS TXT record under the name
_acme-challenge.admin.oliveunion.com with the following value:


Before continuing, verify the record is deployed.

Press Enter to ContinueWaiting for verification…
Cleaning up challenges
Failed authorization procedure. admin.oliveunion.com (dns-01): urn:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.admin.oliveunion.com


  • The following errors were reported by the server:

    Domain: admin.oliveunion.com
    Type: None
    Detail: DNS problem: NXDOMAIN looking up TXT for

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: cafe24

I can login to a root shell on my machine (yes or no, or I don’t know): don’t know, but I use sudo

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):certbot 0.23.0

I have no idea where to create this DNS text record. Do I write on the webserver? Cafe24? I’m extremely lost with this one.

In your DNS zone file editor.

Nope, webservers don't have anything to do with DNS settings. (Most of the time.)

It seems your domains DNS is hosted by Cafe24, so I guess this is correct! Look for the DNS settings in their control panel, specifically something called a zone file and/or zone file editor. Or sometimes it's just called DNS editor or something like that.

Another question for you: why are you using the DNS challenge? Is port 80 blocked?

1 Like

Thank you for responding. I was able to solve my issue by following the directions found here: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.