Join 1M+ other developers and:
- Get help and share knowledge in Q&A
- Subscribe to topics of interest
- Get courses & tools that help you grow as a developer or small business owner
Letsencrypt : DNS challenges failed. Incorrect TXT record
My domain is: iskalar.com
I ran this command:
sudo certbot certonly --manual -d *.iskalar.com -d iskalar.com --agree-tos --no-bootstrap --manual-public-ip-logging-ok --preferred-challenges dns-01 --server https://acme-v02.api.letsencrypt.org/directory
Please deploy a DNS TXT record under the name _acme-challenge.iskalar.com with the following value: VF2OMqNtJBL8K2uOFx_gjSDdVioQeIwoCMcqiN3-qEQ Before continuing, verify the record is deployed. (This must be set up in addition to the previous challenges; do not remove, replace, or undo the previous challenge tasks yet. Note that you might be asked to create multiple distinct TXT records with the same name. This is permitted by DNS standards.) Press Enter to Continue Waiting for verification… Cleaning up challenges Failed authorization procedure. iskalar.com (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record “VF2OMqNtJBL8K2uOFx_gjSDdVioQeIwoCMcqiN3-qEQ” found at _acme-challenge.iskalar.com
*I deployed the DNS TXT value and hit enter. *
IMPORTANT NOTES: The following errors were reported by the server: Domain: iskalar.com Type: unauthorized Detail: Incorrect TXT record “VF2OMqNtJBL8K2uOFx_gjSDdVioQeIwoCMcqiN3-qEQ” found at _acme-challenge.iskalar.com To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.
*NSlookup give the same value. *
$ nslookup -q=txt _acme-challenge.iskalar.com ns1.digitalocean.com Server: ns1.digitalocean.com Address: 22.214.171.124#53 _acme-challenge.iskalar.com text = “VF2OMqNtJBL8K2uOFx_gjSDdVioQeIwoCMcqiN3-qEQ”
What should I do to make it work.
Can i re run the command. Do I need to delete any files. before re running the command?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×