AutoSSL error for non-www record: DCV challenge returned no “TXT” record that matches the value

FrisOnline

Registered
Sep 26, 2016
4
1
1
Netherlands
cPanel Access Level
Root Administrator
Hi,

I'm running into an issue where AutoSSL won't install a SSL-certificate for the non-www version of the domain while the www version of the domain get's validated and also has a SSL certificate installed.

I've already contacted out host but with no success so far. This is the full error:

DNS DCV: The DNS query to “_cpanel-dcv-test-record.domain.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=4KaofcL0TKEWQQRO1Mgc0S31ZdQcKk4mLnpVQDLY9iKXhsTjaqa143OVRz9sx9ca”.; HTTP DCV: “domain.com” does not resolve to any IP addresses on the internet.

The A-records of the domain which are hosted externally ( we don't own the domain either) have been changed last thursday to point to our own VPS as the older site was hosted somewhere else. When pinging the domain (www and non-www) it shows the correct IP-address.

The domain is setup as an alias. I don't have any issues validating the other domains connected to the account, it's only the non-www version of the domain which fails. Never had his issue before but found similar errors when searching the cPanel forums.

Is there any way to solve this issue? I can share a screenshot of all DNS-records if needed in private.

Thanks in advance,
Niels
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Because DNS is not hosted locally you wouldn't be able to complete the DNS DCV check.

HTTP DCV is failing due to a failed lookup for the IP address. How long after the A record was changed did you run AutoSSL? What is present in the Zone Editor for this domain (Type of records)?
 

FrisOnline

Registered
Sep 26, 2016
4
1
1
Netherlands
cPanel Access Level
Root Administrator
Because DNS is not hosted locally you wouldn't be able to complete the DNS DCV check.

HTTP DCV is failing due to a failed lookup for the IP address. How long after the A record was changed did you run AutoSSL? What is present in the Zone Editor for this domain (Type of records)?
Hi Lauren,

That is quite strange though as all other domains / DNS are not hosted locally too but they do get verified. In fact all the domains / DNS that we're using are not hosted locally and we've never run into this issue before.

I've run the AutoSSL once I noticed that the IP-address has been changed with a ping check which was half an hour after changing the DNS. I've run AutoSSL again yesterday (monday)

See attached screenshot for the records in the Zone Editor.
 

Attachments

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Anytime DNS Is not hosted locally the DNS DCV will fail, that's ok because we fallback to HTTP DCV

In this case what is causing the issue is that the HTTP DCV is also failing. When performing a curl request to the domain as follows:

Code:
curl -kvv domain.nl
I get a response which indicates that it's being redirected via the CMS to HTTPS. The HTTP DCV check CANNOT complete when the domain is forced to HTTPS in this manner.

Code:
< HTTP/1.1 301 Moved Permanently
< Date: Wed, 29 Jul 2020 01:16:37 GMT
< Server: Apache
< Expires: Wed, 29 Jul 2020 02:16:38 GMT
< Cache-Control: max-age=3600
< X-Redirect-By: WordPress
< Location: https://domain.nl/
 

FrisOnline

Registered
Sep 26, 2016
4
1
1
Netherlands
cPanel Access Level
Root Administrator
We found the issue Lauren, there was a mismatch between the NS-records in the DNS, both values were incorrect and used ns1.domain and ns2.domain instead of the correct value of ns3.domain and ns4.domain. After changing both records we could verify the domain and install the certificate.
 
  • Love
Reactions: cPanelLauren

latiendamiga

Registered
Oct 4, 2020
2
2
3
Alcobendas
cPanel Access Level
Website Owner
Hello I have a simmilar issue,
I have reviewed dns zone and it shows nice.
Could somebodyt help?

When I try RunAutoSSL it shows:

DNS DCV: The DNS query to “_cpanel-dcv-test-record.domain.com” for the DCV challenge returned no “TXT” record that matches the value “_cpanel-dcv-test-record=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”.; HTTP DCV: The system queried for a temporary file at “https://domain.com/.well-known/pki-validation/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.txt”, which was redirected from “http://domain.com/.well-known/pki-validation/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.txt”. The web server responded with the following error: 404 (). A DNS (Domain Name System) or web server misconfiguration may exist.

where xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx are a key or a file name.

Thanks in advance.
 
Last edited by a moderator: