acmesh-official / acme.sh

A pure Unix shell script implementing ACME client protocol
https://acme.sh
GNU General Public License v3.0

What does this mean? #135

Closed zwl1619 closed 8 years ago

zwl1619 commented 8 years ago

[root@i001 ~]# le.sh  --issue  -d aa.com  --dns -d www.aa.com  --dns -d 111.aa.com  --dns
[Wed Apr 13 20:38:31 CST 2016] Creating account key
[Wed Apr 13 20:38:31 CST 2016] Use default length 2048
[Wed Apr 13 20:38:32 CST 2016] Registering account
[Wed Apr 13 20:38:36 CST 2016] Registered
[Wed Apr 13 20:38:36 CST 2016] Creating domain key
[Wed Apr 13 20:38:36 CST 2016] Use length 2048
[Wed Apr 13 20:38:36 CST 2016] Creating csr
[Wed Apr 13 20:38:36 CST 2016] Multi domain='DNS:www.aa.com,DNS:111.aa.com'
[Wed Apr 13 20:38:36 CST 2016] Verify each domain
[Wed Apr 13 20:38:36 CST 2016] Getting webroot for domain='aa.com'
[Wed Apr 13 20:38:36 CST 2016] Getting token for domain='aa.com'
[Wed Apr 13 20:38:40 CST 2016] Getting webroot for domain='www.aa.com'
[Wed Apr 13 20:38:40 CST 2016] Getting token for domain='www.aa.com'
[Wed Apr 13 20:38:43 CST 2016] Getting webroot for domain='111.aa.com'
[Wed Apr 13 20:38:43 CST 2016] Getting token for domain='111.aa.com'
[Wed Apr 13 20:38:46 CST 2016] Add the following TXT record:
[Wed Apr 13 20:38:46 CST 2016] Domain: _acme-challenge.aa.com
[Wed Apr 13 20:38:46 CST 2016] TXT value: t-Esp7Tv7Ak-HrGNP4vqOkF5PcRxzqf3Vtk5gNOZvkQ
[Wed Apr 13 20:38:46 CST 2016] Please be aware that you prepend _acme-challenge. before your domain
[Wed Apr 13 20:38:46 CST 2016] so the resulting subdomain will be: _acme-challenge.aa.com
[Wed Apr 13 20:38:46 CST 2016] Add the following TXT record:
[Wed Apr 13 20:38:46 CST 2016] Domain: _acme-challenge.www.aa.com
[Wed Apr 13 20:38:46 CST 2016] TXT value: q8AkhVWMlaLD2AKeZNZFeak5jO_pqW1hTEGvd5hFH6o
[Wed Apr 13 20:38:46 CST 2016] Please be aware that you prepend _acme-challenge. before your domain
[Wed Apr 13 20:38:46 CST 2016] so the resulting subdomain will be: _acme-challenge.www.aa.com
[Wed Apr 13 20:38:46 CST 2016] Add the following TXT record:
[Wed Apr 13 20:38:46 CST 2016] Domain: _acme-challenge.111.aa.com
[Wed Apr 13 20:38:46 CST 2016] TXT value: bJcnUq94BeNrv1qzaTK4fehxVNvNt9zmLLqrLw9_sHs
[Wed Apr 13 20:38:46 CST 2016] Please be aware that you prepend _acme-challenge. before your domain
[Wed Apr 13 20:38:46 CST 2016] so the resulting subdomain will be: _acme-challenge.111.aa.com
[Wed Apr 13 20:38:46 CST 2016] Please add the TXT records to the domains, and retry again.

lucasRolff commented 8 years ago

That you have to add a TXT record containing the value as listed on the domain as listed.

zwl1619 commented 8 years ago

@lucasRolff How to add? Could you please show me an example?

lucasRolff commented 8 years ago

In your DNS, just add a txt record: https://letsencrypt.github.io/acme-spec/#rfc.section.7.4
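
An added example (not part of the original thread and not le.sh's own code) of what "add a TXT record" means for output like the log above: it pulls each `Domain:` / `TXT value:` pair out of the saved output, prints it as a zone-file line, and lists the names a resolver does not yet answer with the expected value. The function names, the `TTL` and `LOOKUP` variables and the sample log values are assumptions; `lookup_txt` assumes `dig` is installed.

```shell
#!/bin/sh
# Added example, not part of le.sh. Sample log is constructed; values are made up.
SAMPLE_LOG='[Wed Apr 13 20:38:46 CST 2016] Add the following TXT record:
[Wed Apr 13 20:38:46 CST 2016] Domain: _acme-challenge.example.com
[Wed Apr 13 20:38:46 CST 2016] TXT value: CONSTRUCTED-token-value-1
[Wed Apr 13 20:38:46 CST 2016] Please be aware that you prepend _acme-challenge. before your domain
[Wed Apr 13 20:38:46 CST 2016] so the resulting subdomain will be: _acme-challenge.example.com
[Wed Apr 13 20:38:46 CST 2016] Add the following TXT record:
[Wed Apr 13 20:38:46 CST 2016] Domain: _acme-challenge.www.example.com
[Wed Apr 13 20:38:46 CST 2016] TXT value: CONSTRUCTED-token-value-2
[Wed Apr 13 20:38:46 CST 2016] Please add the TXT records to the domains, and retry again.'

# challenge_pairs: read the log on stdin, print "name value" per challenge.
# Only the "Domain:" and "TXT value:" lines are used; hints are ignored.
challenge_pairs() {
  awk '
    / Domain: /    { name = $NF }
    / TXT value: / { if (name != "") print name, $NF; name = "" }
  '
}

# zone_records: print one zone-file line per challenge.
# TTL is kept short (assumed default 60) because the value changes on renewal.
zone_records() {
  challenge_pairs | while read -r name value; do
    printf '%s. %s IN TXT "%s"\n' "$name" "${TTL:-60}" "$value"
  done
}

# lookup_txt NAME: print the TXT strings a resolver returns, one per line.
lookup_txt() { dig +short TXT "$1" | tr -d '"'; }

# pending_records: print every challenge name whose expected value is not
# visible yet. Set LOOKUP to another function to replace dig.
pending_records() {
  challenge_pairs | while read -r name value; do
    "${LOOKUP:-lookup_txt}" "$name" </dev/null \
      | grep -qxF -- "$value" || echo "$name"
  done
}

# Usage: zone_records < saved-output.log ; pending_records < saved-output.log
```

Retry the issue command only once `pending_records` prints nothing.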

heldchen commented 8 years ago

you probably want to use a different method if you are not sure what the dns method implicates and unless you are able to automate this step.

it is not only needed for registration, but a new value has to be set every time you have to renew the certificate.... there are some automation scripts in le.sh for a few dns providers, if yours is not among them, i'd suggest you switch to the wwwroot method.

zwl1619 commented 8 years ago

@heldchen Using wwwroot method, there is always an error like this:

ValueError: Wrote file to /var/www/challenges/oJbvpIhkwkBGBAQUklWJXyC8VbWAdQqlgpwUJkgC1Vg, but couldn't download http://www.aa.com/.well-known/acme-challenge/oJbvpIhkwkBGBAQUklWJXyC8VbWAdQqlgpwUJkgC1Vg

Neilpang commented 8 years ago

@zwl1619 you should read this: https://github.com/Neilpang/le/tree/master/dnsapi

zwl1619 commented 8 years ago

@Neilpang Will you support aliyun.com in the future?

Neilpang commented 8 years ago

@zwl1619 I tried to implement it before, but their api is just a bullshit. It wasted much of my time.

zwl1619 commented 8 years ago

@Neilpang So, what should I do? Changing my DNS from aliyun.com to one of Dnspod.cn, Cloudxns.com, CloudFlare? By the way, can I speak Chinese? Aha!

Neilpang commented 8 years ago

I suggest switching to dnspod or cloudxns. If you don't want to switch, you can use webroot mode: https://github.com/Neilpang/le/issues/132