We have received a txt_name (equals to www.site.tld) and txt_value (example here ca3-xxxxxxxxx.
Where do we put the TXT records though? Are they supposed to go to the site.tld root in the common format of www.site.tld=txt_value? Or are they supposed to be set on the txt_name, meaning they would be discoverable at www.site.tld.site.tld?
For example, is this correct?
$ dig -t TXT site.tld
site.tld. 300 IN TXT "www.site.tld=ca3-xxxxxxxxx"
Or is this correct?
$ dig -t TXT www.site.tld.site.tld
www.site.tld.site.tld. 300 IN TXT "ca3-xxxxxxxxx"
There already is a CNAME record present on the www.site.tld thus we can not add another TXT record there.
In the end, we have worked around the issue by going for an advanced certificate with a wildcard for the immediate post-launch, then we have switched back to the HTTP method to get the universal SSL once there was a functioning certificate in place.