• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion
  • Inviting everyone to the UX test of a new security feature in the WP Toolkit
    For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.

Question Incorrect TXT record "f-SabDKKcvWsjfiCn08yEbfdWiafvFo6" found at _acme-challenge.mydomain.com - What am I doing wrong?

carlsson

carlsson

Basic Pleskian
Server operating system version
Ubuntu 20.04.6 LTS
Plesk version and microupdate number
18.0.59 Update #2
Every now and then I get this message "Incorrect TXT record "f-SabDKKcvWsjfiCn08yEbfdWiafvFo6" found at _acme-challenge.mydomain.com".
Even though I have issued a Let's encrypt certificate recently, and I know that I haven't altered the _acme-challenge record after that.

The only way I know of that fixes this is to re-issue a new certificate. Feels kinda unnecessary though, but I can't find any way in Plesk that gives me the TXT record that it wants.

Is it only me?
What am I doing wrong?
 

Attachments

  • Skärmavbild 2024-04-14 kl. 15.29.57.png
    Skärmavbild 2024-04-14 kl. 15.29.57.png
    101.4 KB · Views: 3
The ACME challenge can change depending on how it's being issued and if it's a renewal.

If you're using the DNS service built into Plesk, the ACM challenge will update accordingly automatically but it's still possible that it's still waiting on the DNS changes but should auto fix itself.

If you've got a wildcard cert issued on a domain and you want to use apply a certificate to a sub domain, instead of issuing a new certificate, edit the hosting setting and select your wildcard certificate instead.
 
Thanks for the input.

I really want to use the built in DNS, but I'm afraid of only having one DNS. Maybe another topic, but should I?
 
If you're using an external DNS service like Cloudflare or DNSMadeEasy or even your registrars, then the ACME challenge will fail until you update the record yourself manually.

Also if you want to use your own, most registrars will force you to have at least 2 DNS name servers (usually can get away using the same IP address), and you don't have to if you don't want to, it can get kinda annoying to get the name servers set up correctly on other registrars for it to work correctly. Just know that when it comes to renewing the certificate that uses the DNS challenge that it might fail until you update the challenge key with the new one.
 
You must log in or register to reply here.

Similar threads

M
Issue txt records are not showing
Replies
2
Views
1K
mudassarkhan
M
H
Resolved Wildcard SSL Certificate Auto Renewals not Working for Let's Encrypt with External DNS
Replies
6
Views
4K
NickSick
N
D
Issue ACME challenge is not showing up
Replies
10
Views
2K
artalva
artalva
B
Resolved Can't secure webmail
Replies
2
Views
1K
Bricee
B
B
Resolved Why do I need an acme-challenge DNS record on one domain but not another
Replies
2
Views
10K
brownbag
B
Back
Top