Now I know it can take “24-48 Hours” for propagation, but it seems my newly added TXT record is not propagating. I have queried Cloudflare's DNS with a dig specifically and I still cannot see it, only my SPF record, which was there before. I have made other additions to DNS such as CNAME records and they have propagated as normal. Need some insight please!
Can you share the name of the domain as well as the name of the record you added?
If a new record doesn’t show up within seconds, there is typically an error somewhere.
Domain is n0xlabs dot com
Record Type: TXT
Works for me:
dig +short _acme-challenge.n0xlabs.com txt
I have just tried to finish the setup of a Let's Encrypt cert for a self-hosted app and it had failed.
I have also queried it with mxtoolbox, dnslookup, etc.
Not sure what's going on and why we can see it specifically with the command you used and not just a general query/dig of the TXT records.
I am going to have to do a new one now since it failed, but I think it may have the same results.
It's now gy9bZzMDf2sR7Ixbwe8lCNWUa2ikU0BWD96pm408Cus for the contents
All seem to be working. Did you enter the full record name _acme-challenge.n0xlabs.com or just your domain?
Just the domain name when I did it
That would explain why you didn’t find it, you need to enter the full name.
Why would my other TXT record come up then? Also, when certbot reaches out to verify it, it queries the domain, I think.
Because your other txt record has the name
_acme-challenge.n0xlabs.com is correct and what LetsEncrypt will query.
If it doesn’t work, make sure you didn’t make any typos in certbot when you created your certificate.
Okay, I'm going to go validate everything quick and then attempt it once more. I appreciate your help, will keep you updated soon.
Okay, so maybe there was a typo both times I did it the first time. I just rechecked everything with the newly generated one I had and then tried, and it seemed to work…
I'm sorry, but I appreciate your help!
Nothing to be sorry for
Maybe it would be easier to use the Cloudflare Plugin for Certbot in the future (certbot-dns-cloudflare) - Welcome to certbot-dns-cloudflare’s documentation! — certbot-dns-cloudflare 0 documentation.
It takes a few more steps to set up, but you wouldn’t have to do anything manually afterwards to renew your certificate. You just have certbot run once a day and it will do everything automatically.
I'll have to look into this! Thank you!
The short version:
- You create a Cloudflare token with the permission Zone:DNS:Edit for your domain
  Create API token · Cloudflare Fundamentals docs
- Save the token somewhere in a text file named cloudflaretoken.ini
- Install certbot-dns-cloudflare. For example on Ubuntu:
    apt install certbot-dns-cloudflare
- Use this command to create a wildcard certificate for one domain. Replace domain.tld with your domain (3 times) and /path/to/cloudflaretoken.ini with the location where you saved the file.
    certbot certonly -a dns-cloudflare \
      --cert-name domain.tld \
      --dns-cloudflare-credentials /path/to/cloudflaretoken.ini \
      --dns-cloudflare-propagation-seconds 30 \
      -d domain.tld,\*.domain.tld
- Run the command certbot renew once a day, for example via Cron. It will renew your certificate if it is within… one month or so of its expiration date.
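The lookup that caused the confusion earlier in this thread, as an added example that is not part of the original posts: the DNS-01 record lives at _acme-challenge.<domain>, so a TXT query for the bare domain only returns apex records such as SPF. The function names, the DIG override, the stub resolver and the example.com value are assumptions constructed for this sketch.

```shell
#!/bin/sh
# Pre-flight check for a manually created DNS-01 TXT record.
# DIG (hypothetical override) lets a stub stand in for the real dig binary.

# Map a certificate name to the name the CA queries: strip a leading "*."
# and a trailing dot, then prepend the _acme-challenge label.
acme_challenge_name() {
    _d="${1#\*.}"
    _d="${_d%.}"
    printf '_acme-challenge.%s\n' "$_d"
}

# A DNS-01 value is base64url(SHA-256(key authorization)) without padding:
# exactly 43 characters from [A-Za-z0-9_-] (RFC 8555, section 8.4).
# A truncated or mistyped paste fails here before any DNS query is made.
is_dns01_value() {
    [ "${#1}" -eq 43 ] || return 1
    case "$1" in *[!A-Za-z0-9_-]*) return 1 ;; esac
    return 0
}

# Returns 0 if the expected value is published at the challenge name,
# 1 if it is not, 2 if the expected value itself is malformed.
# Usage: check_challenge domain expected-value [resolver-ip]
check_challenge() {
    is_dns01_value "$2" || return 2
    _name="$(acme_challenge_name "$1")"
    # dig +short wraps TXT strings in double quotes; strip them.
    _answers="$("${DIG:-dig}" +short "$_name" TXT "@${3:-1.1.1.1}" | tr -d '"')"
    # -F -x: exact whole-line match; "--" because base64url may start with "-".
    printf '%s\n' "$_answers" | grep -Fxq -- "$2"
}

# Constructed stub zone for offline runs: SPF at the apex, the challenge
# value only at the _acme-challenge name. Arguments mirror dig's: $2 = name.
stub_dig() {
    case "$2" in
        _acme-challenge.example.com)
            printf '"%s"\n' "-abcdefghijklmnopqrstuvwxyz0123456789ABCDE_" ;;
        example.com)
            printf '"%s"\n' "v=spf1 -all" ;;
    esac
}
```

Run `check_challenge yourdomain.tld <value-from-certbot>` before pressing Enter in certbot's manual prompt; set `DIG=stub_dig` to try it offline against the constructed zone.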