[GH-ISSUE #27] DNS Challenge is waiting for wrong TXT Entry #23

New issue

Open

opened 2026-02-25 21:30:50 +03:00 by kerem · 0 comments

kerem commented

2026-02-25 21:30:50 +03:00

Owner

Originally created by @pattisonmichael on GitHub (Sep 13, 2021).
Original GitHub issue: https://github.com/certera-io/certera/issues/27

Hi,

I'm trying to get the dns challenge to work, but it seems like the validation function that checks if the DNS entry has been propagated is checking the wrong name. I found this by sniffing the dns traffic on the machine.

My hosts are all internal and NOT reachable via public dns.
So for example I want to validate test.example.com.
For this to work I need a TXT entry for _acme_challenge.test.example.com on the NS that is in charge for LE to validate.
The Set DNS script is successfully generating this entry, but then Certera is trying to check if there is a record for test.example.com which is of course failing as this will not be available externally.

Is this a bug or am I missing something here?

Originally created by @pattisonmichael on GitHub (Sep 13, 2021). Original GitHub issue: https://github.com/certera-io/certera/issues/27 Hi, I'm trying to get the dns challenge to work, but it seems like the validation function that checks if the DNS entry has been propagated is checking the wrong name. I found this by sniffing the dns traffic on the machine. My hosts are all internal and NOT reachable via public dns. So for example I want to validate test.example.com. For this to work I need a TXT entry for _acme_challenge.test.example.com on the NS that is in charge for LE to validate. The Set DNS script is successfully generating this entry, but then Certera is trying to check if there is a record for test.example.com which is of course failing as this will not be available externally. Is this a bug or am I missing something here?