SSL certificate error: The provider encountered an error verifying the DNS settings of your domain name. Please double check your nameserver settings and try again later.
Error detail: Incorrect TXT record "hUv9Nc1tCYyVsFliuk8Hi-dqGT-hDG4P6EdlkdbG-_k" (and 1 more) found at _acme-challenge.daniel-j-radcliffe.pp.ua
While trying to set up a new SSL certificate for my site, I’m getting the above error.
Not sure exactly what is causing this. I do use cloudflare, and my Cname records in cloudflare match those on my infinity free account. The only way I got it to work before was by temprarily bypassing the proxy on the Cname record, but even thats not working this time.
Ah brill. I did wonder, but they were automatically set up by Cloudflare and I didn’t want to break anything.
I’ve decided to re-run the cloudflare setup, because I think I’ve broken something, since I’ve been changing a lot of settings recently. Its quick and easy to sort
A CNAME record lookup will show our record, but if you do a TXT record lookup on the _acme-challenge subdomain instead, you don’t see it.
Instead, you’ll see several TXT records published there, served directly from Cloudflare’s nameservers.
That’s because Cloudflare needs to set these records to be able to obtain their SSL certificates to protect your website. But this can result in them overriding your own records. As far as I can tell, there is not a lot you can do about this except wait for Cloudflare to finish the SSL setup on their end and remove their records.
In the mean time, you can use Cloudflare with “Full” SSL mode instead, and just use a self-signed certificate on your hosting account. It’s not as secure as “Full (strict)” mode, but it’s secure enough for most websites.
As a side note, if you still want to go the manual way, you don’t want to “temporarily” disable proxy on that CNAME record. You want to keep it disabled, otherwise it won’t work properly.