Continuing the discussion from AutoSSL did not renew the certificate for the DCV challenge returned no "TXT record that matches:
Enter #CommunityTip & the error message you’re seeing to find Community Tips with advice and insight.
Please search for any existing topics relating to your subject before posting.
Anyone can help? Been trying this for most of day
Help with what? You didnt mention an issue but kept the default prompt to actually use the search.
Thanks Sandro for replying.
So the way to make this work is to upload a text file into a protected folder on my website and write a TXT record in DNS to point to this text file correct?
The contents of the text file must be this format: text=NQz0W5WAAX2qz_6jBVhlP01Wr_4aWjh1thCwPY2nyC or this format:
_cpanel-dcv-test-record=NQz0W5WAAX2qz_6jBVhlP01Wr_4aWjh1thCwPY2nyC
I really dont know what you are referring to.
Can you describe in detail what issue you are experiencing with what service?
I first received this msg in Email:
AutoSSL would normally renew this certificate now, but 2 of the website’s secured domains just failed DCV. To provide you with more time to resolve these problems, AutoSSL will defer the renewal until Jul 9, 2019 at 12:00:00 AM UTC. After that time, AutoSSL will request a replacement certificate that excludes any domains that fail DCV. At the time of this notice, the certificate will expire in 6 days, 20 hours, 30 minutes, and 46 seconds.
followed by:
DNS DCV: The DNS query to “_cpanel-dcv-test-record.xxx.com.sg” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=qnbRGFxyz2_Nul7_mmduqVUJVenQmU4hgnzMw6SyUdMSDfR6UdSMPtsUGAAZ1BIy”.; HTTP DCV: The system failed to fetch the DCV (Domain Control Validation) file at “http://xxx.com.sg/.well-known/pki-validation/B0BEC2FF23449894E9C15FC511781308.txt” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://xxx.com.sg/.well-known/pki-validation/B0BEC2FF23449894E9C15FC511781308.txt” because of an error: Could not connect to ‘xxx.com.sg:80’: Address family for hostname not supported
. The domain “xxx.com.sg” resolved to an IP address “xxx” that does not exist on this server.
so, my solution is to create a TXT record in Cloudflare DNS, with name “_cpanel-dcv-test-record”
and value “qnbRGFxyz2_Nul7_mmduqVUJVenQmU4hgnzMw6SyUdMSDfR6UdSMPtsUGAAZ1BIy”
and upload a text file B0BEC2FF23449894E9C15FC511781308.txt onto my Webserver
with content of file: _cpanel-dcv-test-record=qnbRGFxyz2_Nul7_mmduqVUJVenQmU4hgnzMw6SyUdMSDfR6UdSMPtsUGAAZ1BIy
Is this procedure correct for DNS DCV testing
So you want to renew your server certificate?
Yes. Should auto-renew using AutoSSL
What exactly are you supposed to set in your configuration and what is your domain?
cavemen.com.sg
I explained how I configured in earlier messages (upload a text file), set a TXT record in DNS
But each time I run AutoSSL in cPanel, will say DCV testing failed
Sorry, but your earlier message was just a large dump of text. Can you post this in a more decipherable manner?
What exactly are you supposed to configure? Right now there is only one SPF record for that domain itself.
Steps I did:
Upload 1837A825EDE40912DAEE3C2215BE9A9A.txt into https://cavemen.com.sg/.well-known/pki-validation/F611AD52D9B8A3AD20945B2889452C95.txt folder
Add TXT record on cavemen.com.sg DNS Records (see attached)
Run AutoSSL in cPanel:
See error in cPanel:
My understanding is the when click on AutoSSL button in cPanel, this will prompt cPanel to look for a TXT record in DNS that is _cpanel-dcv-test-record.cavemen.com.sg
cPanel will read the contents of this file and compare that code inside with a Text file in: https://cavemen.com.sg/.well-known/pki-validation/ folder. If the code matches, it will renew the SSL Cert.
Is my understanding correct ?
From the error message it seems it is trying to connect to xxx.com.sg and that fails.
No. I didn’t want to mention my domain earlier.
This is actual error msg:
DNS DCV: The DNS query to “_cpanel-dcv-test-record.cavemen.com.sg” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=A7UmuSqQFqbg4wDuIPSQoFNQz0W5WAAX2qz_6jBVhlP01Wr_4aWjh1thCwPY2nyC”.; HTTP DCV: The system failed to fetch the DCV (Domain Control Validation) file at “http://cavemen.com.sg/.well-known/pki-validation/F611AD52D9B8A3AD20945B2889452C95.txt” because of an error: The system failed to send an HTTP (Hypertext Transfer Protocol) “GET” request to “http://cavemen.com.sg/.well-known/pki-validation/F611AD52D9B8A3AD20945B2889452C95.txt” because of an error: Could not connect to ‘cavemen.com.sg:80’
Well, there is a TXT record with that name and the value test=A7UmuSqQFqbg4wDuIPSQoFNQz0W5WAAX2qz_6jBVhlP01Wr_4aWjh1thCwPY2nyC. Should there maybe not be that “test” prefix?
Also, the URL in question works. This is probably a question for AutoSSL in this case.
Hi Sandro, thanks for the tip. Resolved now. Is not test prefix that’s needed but:
_cpanel-dcv-test-record=
Cheers,
Alfred
