Where to put TXT records (Posh-ACME)

Hello, when I in PS trying to create new-PACertificate with -AcceptTOS

Where to create prompted TXT records?
I dont get further, and wonder about, when I go further will I be promted to set the DNS?

Once Posh-ACME shows the TXT records to you, you need to login to your domain’s DNS hosting control panel and create the TXT records there.

Or if you use a DNS host supported by Posh-ACME, you can use one of the DNS plugins to do this automatically.

More at https://github.com/rmbolger/Posh-ACME/blob/master/Tutorial.md#your-first-certificate

What @_az said. Also, here’s a link to the list of supported DNS providers.

I have pasted the TXT record in my DNS hosting Control panel. But I get an error after that. Im I suppose to edit the AuthValidation.ps1 with what?

Documents\WindowsPowerShell\Modules\Posh-ACME\Private\Wait-AuthValidation.ps1:34 char:17

  • … throw “Authorization invalid for $($auth.fqdn): $message” …
  •             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : OperationStopped…

and…DNS problem: NXDOMAIN looking up TXT for _acme-challenge

This is an error message from the Let’s Encrypt server basically saying it couldn’t find the TXT record you tried to create. That could either be because you created it incorrectly in your control panel or didn’t wait long enough for the changes to propagate.

Who is the DNS provider for your domain? The community here can help further if you share your domain name.

Thank you, my domain is www.duhar.se and the DNS-provider is ns1.loopia.se and ns2.loopia.se

Is this information useful for finding some error?

Hi @bd8pq

do you want to create a certificate with www.duhar.se, duhar.se or with both domain names?

Checking your domain there is a TXT value - https://check-your-website.server-daten.de/?q=duhar.se#txt

But that works only with duhar.se, not with www.duhar.se.

If you have startet the command with www.duhar.se, then it’s the wrong place.

Typical solution: Create a certificate with both domain names, so both TXT entries are required.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.