Why Does LetsEncrypt AutoSSL fail when I use Linode DNS?
I have multiple domains hosted on a Linode server, and when I tried to switch from Comodo to LetsEncrypt AutoSSL, the certificate was not issued and the error below was shown, as my DNS is at Linode:
DNS DCV: The DNS query to “_cpanel-dcv-test-record.example.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=aFYxXkLx888moj10rU65WFN1wdpryAGLv1Skqu3iSQvotP8kN18lMCzfSM6b5Y0l”.; HTTP DCV: The system queried for a temporary file at “http://example.com/.well-known/acme-challenge/XSBI2FLBN6KNVDSW0EWAYUW4ZC-DD71U”, but the web server responded with the following error: 404 (Not Found). A DNS (Domain Name System) or web server misconfiguration may exist.
Are there any workarounds?
1 Reply
Hello,
There is a very good cPanel forum post on this, here:
https://forums.cpanel.net/threads/autossl-dns-dcv-returned-no-txt-record.635277/
With regard to the error message you're seeing, they mention the following:
This error message suggests the DNS for the domain name in question is not hosted on the cPanel & WHM server. Can you confirm the DNS for the affected domain name is managed on a remote server? If so, note the DNS-based DCV functionality is primarily designed to work when the DNS for a domain name is hosted by the local cPanel & WHM server (or the servers in a supported DNS cluster environment).
As far as a workaround goes:
You might be able to work around this through the use of a custom script if the remote DNS host provides an API for you to use; however, manually adding the records at the remote DNS provider isn't really a viable option at this point because the DCV request will time out if the record isn't propagated within a short window of time after AutoSSL is initiated.
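The propagation concern in the quoted workaround can be checked directly. The following is an added example, not part of the thread and not cPanel or Linode code: it extracts the record name and expected value from an AutoSSL DNS DCV message, then polls each authoritative nameserver with `dig` until all of them serve the value or a deadline passes. The nameserver names, the 60-second window and the sample token are assumptions; the thread gives no figure for the window.

```python
import re
import subprocess
import time

# Constructed sample in the shape of the AutoSSL message quoted in the question.
SAMPLE_LOG = ('DNS DCV: The DNS query to “_cpanel-dcv-test-record.example.com” '
              'for the DCV challenge returned no “TXT” record that matches the '
              'value “_cpanel-dcv-test-record=CONSTRUCTED-TOKEN”.')

DCV_RE = re.compile(r'DNS query to [“"]([^”"]+)[”"].*?'
                    r'matches the value [“"]([^”"]+)[”"]')

def parse_dns_dcv(message):
    """Return (record_name, expected_txt_value), or None if not a DNS DCV error."""
    m = DCV_RE.search(message)
    return (m.group(1), m.group(2)) if m else None

def dig_txt(nameserver, name):
    """Ask one nameserver directly (no recursive cache) for the TXT strings at name."""
    out = subprocess.run(["dig", "+short", "TXT", name, "@" + nameserver],
                         capture_output=True, text=True, timeout=10).stdout
    return [line.replace('" "', "").strip('"') for line in out.splitlines()]

def missing_on(name, expected, nameservers, query_txt=dig_txt):
    """Nameservers that do not yet serve the expected TXT value."""
    return [ns for ns in nameservers if expected not in query_txt(ns, name)]

def wait_for_record(name, expected, nameservers, timeout_s, interval_s=5,
                    query_txt=dig_txt, clock=time.monotonic, sleep=time.sleep):
    """Poll until every nameserver serves the value or timeout_s elapses.
    Returns (ok, nameservers_still_missing)."""
    deadline = clock() + timeout_s
    while True:
        missing = missing_on(name, expected, nameservers, query_txt)
        if not missing:
            return True, []
        if clock() >= deadline:
            return False, missing
        sleep(interval_s)

if __name__ == "__main__":
    name, value = parse_dns_dcv(SAMPLE_LOG)
    # Assumption: replace with the domain's real authoritative nameservers.
    servers = ["ns1.example.net", "ns2.example.net"]
    ok, missing = wait_for_record(name, value, servers, timeout_s=60)
    print("visible on all nameservers" if ok else f"missing on: {missing}")
```

Querying each authoritative server by name, rather than a recursive resolver, shows whether the record has reached every server a validator might ask.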