The .MP TLD does not have DNSSEC on it’s chain, otherwise I would actually suggest you to look into that, e.g. similar to here:
→ Edge Certificates (pending validation Txt) 24hr+ - #2 by DarkDeviL
That one is actually weird, and may point in the direction that you could have some DNS records that may be conflicting with the records for the domain validation.
If you are having some NS
on the same label, or one of it’s parents, where the validation record would be below, that could possibly cause issues.
Or otherwise having records that cannot co-exist with other (e.g. attempting both CNAME
and TXT
records at the same label), such things can cause problems too.
IIRC, I believe Cloudflare is actually rejecting the creation of the invalid CNAME
/TXT
combo though.
If GTS checks the DNS token, and that the DNS token that they want to see, is different from what is actually shown on that record, it will indeed prevent the validation from succeeding.
I do however believe it will be wild guessing trying to figure out what went wrong.
Anyway, I’m happy to hear you’ve solved your problem, thanks for returning to the Community about that!