rmbolger / Posh-ACME

PowerShell module and ACME client to create certificates from Let's Encrypt (or other ACME CA)
https://poshac.me/docs/latest/
MIT License

DNS problem: NXDOMAIN looking up TXT: Azure plugin, manual plugin #515

Closed VadymPavliuk closed 1 year ago

VadymPavliuk commented 1 year ago

Hi, can you please help me with certificate generation.

I'm trying to generate a * (wildcard) certificate for my Azure app using the Posh-ACME utility. I created a DNS zone for testing first, with the domain spuffingbot.com.

I tried a few variations of commands, both with the manual plugin and the Azure plugin:

```powershell
New-PACertificate 'spuffingbot.com' -Contact '.com'
New-PACertificate www.spuffingbot.com -Contact '.com'
```

```powershell
PS C:\WINDOWS\system32> $pArgs = @{
    AZSubscriptionId = $subscriptionID
    AZTenantId = $tenantID
    AZAppCred = $appCred
}
New-PACertificate 'SpuffingBot.com','*.SpuffingBot.com' -verbose -Plugin Azure -PluginArgs $pArgs -DnsSleep 500
```

Here is the error message that I'm getting:

```text
Submit-ChallengeValidation : Authorization invalid for spuffingbot.com: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.spuffingbot.com - check that a DNS record exists for this domain
At C:\Program Files\WindowsPowerShell\Modules\Posh-ACME\4.19.0\Public\New-PACertificate.ps1:253 char:9
```

I also tried to debug, and here is the failed validation message that I got:

```json
{
  "status": "invalid",
  "expires": "2023-09-25T23:59:42Z",
  "identifiers": [
    { "type": "dns", "value": "spuffingbot.com" }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/8369206794"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/118556394/11019577794"
}
```

I am seeing the TXT records created in the DNS zone (and I also tried creating them manually), and they are reachable via dig or nslookup every time.

I'm on Windows 10 machine, DNS zone is created on Azure.

I probably missed something; please let me know if any more information is needed. Thx.

webprofusion-chrisc commented 1 year ago

The challenge is failing with NXDOMAIN because Let's Encrypt cannot find a domain called spuffingbot.com.

If I try dig or an RDAP query it's also not found. You can only get Let's Encrypt certificates for real domains, so even if you have a zone on Azure with that name, it's not a real domain until the global public DNS system knows about it.

A real domain is created by registering the domain through a public domain registrar and nominating the nameservers (of your Azure DNS zone) to point to.
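The delegation check described in the reply above, as an added example that is not part of the original thread and not Posh-ACME's own code. It asks public recursive resolvers (not your LAN resolver, and not the Azure portal) whether an NS delegation exists for the name you want a certificate for, walking up the labels until it finds a zone cut or runs out of labels below the TLD. The function name, the resolver IPs and the `-CheckChallengeTxt` option are my choices; it assumes Windows PowerShell with the built-in DnsClient module (`Resolve-DnsName`). With the domain from this issue it should report `PubliclyDelegated = False` and "DNS name does not exist" errors, which is exactly what Let's Encrypt's NXDOMAIN means.

```powershell
# Added example, not Posh-ACME project code. Requires the DnsClient module
# (Resolve-DnsName), which ships with Windows 8 / Server 2012 and later.
function Test-PublicDnsDelegation {
    [CmdletBinding()]
    param(
        # Name you are about to request a certificate for, e.g. '*.spuffingbot.com'
        [Parameter(Mandatory)] [string]$Domain,

        # Public recursive resolvers (assumed values). Let's Encrypt validates from
        # its own vantage points, so a zone only your LAN resolver knows about, or
        # one that merely exists in the Azure portal, does not count.
        [string[]]$Resolvers = @('1.1.1.1', '8.8.8.8'),

        # Also look for the _acme-challenge TXT record. Only meaningful while a
        # challenge is pending or after you have planted a test TXT yourself.
        [switch]$CheckChallengeTxt
    )

    $name   = $Domain -replace '^\*\.', ''      # '*.example.com' -> 'example.com'
    $labels = $name.Split('.')
    $report = [ordered]@{
        Domain        = $Domain
        DelegatedZone = $null
        NameServers   = @()
        ChallengeTxt  = @()
        Errors        = @()
    }

    foreach ($resolver in $Resolvers) {
        # Walk from the full name up toward (but not including) the TLD. The first
        # name that answers with NS records is the zone cut the public DNS knows.
        for ($i = 0; $i -lt $labels.Count - 1; $i++) {
            $candidate = $labels[$i..($labels.Count - 1)] -join '.'
            try {
                $ns = Resolve-DnsName -Name $candidate -Type NS -Server $resolver -DnsOnly -ErrorAction Stop |
                      Where-Object { $_.Type -eq 'NS' }
                if ($ns) {
                    $report.DelegatedZone = $candidate
                    foreach ($rr in $ns) {
                        $report.NameServers += "$($resolver): $candidate NS $($rr.NameHost)"
                    }
                    break
                }
            } catch {
                # NXDOMAIN (or SERVFAIL) for this candidate: the same failure Let's
                # Encrypt reports. Record it and keep walking up.
                $report.Errors += "$($resolver): $candidate -> $($_.Exception.Message)"
            }
        }

        if ($CheckChallengeTxt) {
            $txtName = "_acme-challenge.$name"
            try {
                $txt = Resolve-DnsName -Name $txtName -Type TXT -Server $resolver -DnsOnly -ErrorAction Stop |
                       Where-Object { $_.Type -eq 'TXT' }
                foreach ($rr in $txt) {
                    $report.ChallengeTxt += "$($resolver): $($rr.Strings -join '')"
                }
            } catch {
                $report.Errors += "$($resolver): $txtName -> $($_.Exception.Message)"
            }
        }
    }

    # True only if at least one public resolver returned an NS delegation.
    $report.PubliclyDelegated = ($report.NameServers.Count -gt 0)
    [pscustomobject]$report
}

# Usage with the name from this issue. Until the domain is registered and its
# registrar points at the Azure zone's nameservers, expect PubliclyDelegated = False.
Test-PublicDnsDelegation -Domain '*.spuffingbot.com' -CheckChallengeTxt | Format-List
```

Once the domain is registered, the `NameServers` lines should list the same hosts the Azure zone reports (if the Az.Dns module is installed, `(Get-AzDnsZone -Name <zone> -ResourceGroupName <rg>).NameServers`); if they differ, the registrar is delegating to someone else and any TXT record written by the Azure plugin is invisible to Let's Encrypt.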

VadymPavliuk commented 1 year ago

I see, so I misunderstood the article. Thanks for the help; I will obtain a domain first.

VadymPavliuk commented 1 year ago

Need to obtain real domain.