I am using certbot to generate an SSL certificate for a third-party web app. Because I cannot get into the source code or folder structure, I am using DNS validation. To further complicate things, my DNS provider does not make it clear when the changes have been applied and are propagating. I have to start the process, get the values, publish them to DNS, wait a long while, and hit ENTER to complete the validation. If the time I waited was not long enough, or the terminal session to the server dies, I have to start over -- which generates new values to be put into DNS.
I would like to query my DNS name servers to see if and when my _acme_challenge value has propagated. Let's Encrypt has a means to check this value, but I cannot seem to figure this one out. All the online forums that I am finding are for querying the default TXT record that is used for SPF.
Output of the certbot validation process:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please deploy a DNS TXT record under the name
_acme-challenge.app.mydomain.com with the following value:
4Rn5ZNCdLYDYK9uQnyZ7k3CJ8kNsNyIJa9QeXCeOCMI
Before continuing, verify the record is deployed.
(This must be set up in addition to the previous challenges; do not remove,
replace, or undo the previous challenge tasks yet. Note that you might be
asked to create multiple distinct TXT records with the same name. This is
permitted by DNS standards.)
How do I query this named TXT record?
Verify with a command like this.
We can also use the googleapps webpage for such lookups.
https://toolbox.googleapps.com/apps/dig/#TXT/
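One way to automate the wait, as an added example that is not part of the original answer: the script asks each authoritative name server of the zone directly for the `_acme-challenge` TXT record and returns only when all of them serve the expected value. The script name `wait-acme.sh`, the zone argument, the `DIG` override and the `INTERVAL` variable are assumptions of this sketch.

```shell
#!/bin/sh
# Added example: poll every authoritative name server for an ACME DNS-01 value.
# Usage: ./wait-acme.sh _acme-challenge.app.mydomain.com <value> mydomain.com

DIG=${DIG:-dig}   # overridable so the logic can be exercised without network

# Read `dig +short TXT` output on stdin; succeed if one record equals $1 exactly.
# dig prints each TXT string in double quotes, so strip them before comparing.
txt_has_value() {
    tr -d '"' | grep -Fxq -- "$1"
}

# Succeed only when every authoritative server for zone $3 serves value $2
# under name $1. Asking the servers directly bypasses resolver caches.
all_ns_have_value() {
    name=$1 expected=$2 zone=$3
    servers=$($DIG +short NS "$zone")
    [ -n "$servers" ] || return 2      # no NS records: wrong zone or no DNS
    for ns in $servers; do
        if ! $DIG +short +norecurse TXT "$name" "@$ns" | txt_has_value "$expected"; then
            echo "not yet on $ns" >&2
            return 1
        fi
    done
    return 0
}

# Poll until the value is visible on all servers; after that it is safe
# to press ENTER at the certbot prompt.
wait_for_challenge() {
    until all_ns_have_value "$1" "$2" "$3"; do
        [ $? -eq 2 ] && { echo "no NS records for $3" >&2; return 2; }
        sleep "${INTERVAL:-30}"
    done
    echo "value present on all authoritative servers for $3"
}

if [ "$#" -eq 3 ]; then
    wait_for_challenge "$@"
fi
```

Run it in a second terminal while certbot waits at its prompt, so a short check interval does not restart the challenge.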