<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{mso-style-priority:99;
mso-style-link:"Tekst zonder opmaak Char";
margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;
mso-fareast-language:EN-US;}
span.E-mailStijl20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.E-mailStijl21
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.TekstzonderopmaakChar
{mso-style-name:"Tekst zonder opmaak Char";
mso-style-priority:99;
mso-style-link:"Tekst zonder opmaak";
font-family:"Calibri",sans-serif;
mso-ligatures:standardcontextual;
mso-fareast-language:EN-US;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1609504826;
mso-list-template-ids:1316534604;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:36.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:72.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:108.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:144.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:180.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:216.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:252.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:288.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:324.0pt;
mso-level-number-position:left;
text-indent:-18.0pt;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="NL" link="#0563C1" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Hi Ondrej, Mark,<o:p></o:p></span></p>
<p class="MsoNormal"><u><span style="mso-fareast-language:EN-US"><o:p><span style="text-decoration:none"> </span></o:p></span></u></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">Thank you for your reply. I agree that it was/is a lot of text. I do not know if attachments are allowed on this mailing list, but when drafting the message I was worried my question
would not come across because of the amount of text. Sorry for the inconvenience.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">With regards to your remark ‘</span><span lang="EN-US">whether you configured the CA machine to use any custom DNS to actually reach the DNS server with the tokens</span><span lang="EN-US" style="mso-fareast-language:EN-US">’,
I checked and double-checked the DNS settings on the CA machine. The DNS pointed to my second name server which should get all the data from the master. But let me test that.
</span><span lang="EN-US" style="font-family:"Segoe UI Emoji",sans-serif;mso-fareast-language:EN-US">😊</span><span lang="EN-US" style="mso-fareast-language:EN-US">Unfortunately, I shall not able to test it within the next week. Therefore, if these tests will
not solve it, I shall respond later.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">Warm regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US">Vinvar<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">Van:</span></b><span lang="EN-US"> Ondřej Surý <ondrej@isc.org>
<br>
<b>Verzonden:</b> donderdag 18 september 2025 22:52<br>
<b>CC:</b> bind-users@lists.isc.org<br>
<b>Onderwerp:</b> Re: Bind9 gives me error 'There was a problem with a DNS query during identifier validation'.
</span>Where to look for a solution?<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi,<span style="font-size:12.0pt"><o:p></o:p></span></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I snipped the whole message as it seems like in a phase “how do I debug the CA”.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Your email didn’t contain any information about the rest of the DNS configuration in your network, so it is kind of hard to help you. We don’t know whether you configured the CA machine to use any custom DNS to actually reach the DNS server
with the tokens. It will not happen on its own, but this information was missing (or buried in a ton of text related to ACME, not DNS).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Ondrej<o:p></o:p></p>
<div>
<div>
<p class="MsoNormal">--<o:p></o:p></p>
</div>
<p class="MsoNormal">Ondřej Surý — ISC (He/Him)<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.<o:p></o:p></p>
<div style="mso-element:para-border-div;border:none;border-bottom:solid windowtext 1.0pt;padding:0cm 0cm 1.0pt 0cm">
<p class="MsoNormal" style="border:none;padding:0cm"><o:p> </o:p></p>
</div>
<p class="MsoNormal"><b><span lang="EN-US">Verzonden:</span></b><span lang="EN-US"> donderdag 18 september 2025 13:15<br>
<b>Aan:</b> 'bind-users@lists.isc.org' </span><a href="mailto:bind-users@lists.isc.org"><span lang="EN-US">bind-users@lists.isc.org</span></a><span lang="EN-US"><br>
<b>Onderwerp:</b> Bind9 gives me error 'There was a problem with a DNS query during identifier validation'. Where to look for a solution?<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Dear All,</span><span lang="EN-US" style="mso-ligatures:standardcontextual;mso-fareast-language:EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Has anyone encountered the error message ‘There was a problem with a DNS query during identifier validation’ while trying the complete a ACME dns-01 challenge? If so, could you help me by pointing me towards a solution.
I have tried multiple things but I am completely lost where the issue might reside. Google and the GitLab issue page does not show me any results.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">My setup is the following three machines:
<o:p></o:p></span></p>
<ul style="margin-top:0cm" type="disc">
<li class="MsoNormal" style="mso-list:l0 level1 lfo1">ns1; running Bind9<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level1 lfo1">certificates; running Step CA<o:p></o:p></li><li class="MsoNormal" style="mso-list:l0 level1 lfo1"><span lang="EN-US">testhost; Debian 12 on which I am trying to get a TLS certificate. (Once it works on the testhost, I would like to implement it on Truenas Scale. Meaning this Debian machine will be replaced
by the machine running Truenas Scale.)<o:p></o:p></span></li></ul>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I want to get a TLS certificate on the testhost. To achieve this, I ran acme.sh and cerbot on the testhost. Both result in the error message ‘There was a problem with a DNS query during identifier validation’.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Please find below my configuration and commands run.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US">BIND9 configuration<o:p></o:p></span></b></p>
<p class="MsoNormal"><u><span lang="EN-US">named.conf.local<o:p></o:p></span></u></p>
<p class="MsoNormal"><span lang="EN-US"> zone "myown.home" {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> type primary;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> file "/var/lib/bind/db.myown.home"; # Zone path file<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> inline-signing yes;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> update-policy {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> grant myown_wildcard. name _acme-challenge.testhost.myown.home. txt;<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> };<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> };<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> [redacted reversed-mapped zone]<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><u><span lang="EN-US">/var/lib/bind/db.myown.home<o:p></o:p></span></u></p>
<p class="MsoNormal"><span lang="EN-US"> $ORIGIN .<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> $TTL 86400 ; 1 day<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> myown.home IN SOA ns1.myown.home. info.myown.home. (<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> 2025091716 ; serial<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> 43200 ; refresh (12 hours)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> 900 ; retry (15 minutes)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> 345600 ; expire (4 days)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> 172800 ; minimum (2 days)<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> )<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> NS ns1.myown.home.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> $ORIGIN myown.home.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> testhost A [redacted].23<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> ns1 A [redacted].21<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> certificates A [redacted].22<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US">Step CA configuration<o:p></o:p></span></b></p>
<p class="MsoNormal"><u><span lang="EN-US">[redacted step path]/config/ca.json<o:p></o:p></span></u></p>
<p class="MsoNormal"><span lang="EN-US"> "root": "/[redacted step path]/certs/root_ca.crt",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "federatedRoots": null,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "crt": "/[redacted step path]/certs/intermediate_ca.crt",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "key": "/[redacted step path]/secrets/intermediate_ca_key",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "address": ":443",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "insecureAddress": "",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "dnsNames": [<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "[redacted].22",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "certificates.myown.home"<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> ],<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "logger": {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "format": "text"<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> },<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "db": {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "type": "badgerv2",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "dataSource": "/etc/step-ca/db",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "badgerFileLoadingMode": ""<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> },<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "authority": {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "provisioners": [<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:35.4pt"><span lang="EN-US">…<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "type": "ACME",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "name": "acme-dns",<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "challenges": [<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "dns-01"<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> ],<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "claims": {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "enableSSHCA": false,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "disableRenewal": false,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "allowRenewalAfterExpiry": false,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "disableSmallstepExtensions": false<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> },<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "options": {<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "x509": {},<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> "ssh": {}<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> }<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"> }<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:35.4pt"><span lang="EN-US">…<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span lang="EN-US">WORKFLOW</span></b><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">On the testhost I ran (as root) the following command to start the flow.<o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:35.4pt"><span lang="EN-US">.acme.sh/acme.sh --issue --dns dns_nsupdate -d 'testhost.myown.home' --server
<a href="https://[redacted].22/acme/acme/directory%20--dnssleep%20300">https://[redacted].22/acme/acme/directory --dnssleep 300</a><o:p></o:p></span></p>
<p class="MsoNormal" style="text-indent:35.4pt"><span lang="EN-US">REQUESTS_CA_BUNDLE=/usr/local/share/ca-certificates/myown_root_ca.crt certbot certonly --dns-rfc2136 --dns-rfc2136-credentials certbot.ini -d testhost.myown.home --server
<a href="https://[redacted].22/acme/acme/directory">https://[redacted].22/acme/acme/directory</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This resulted in the following output (example for achme.sh).<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:03 PM CEST 2025] Using CA:
<a href="https://[redacted].22/acme/acme/directory">https://[redacted].22/acme/acme/directory</a><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:03 PM CEST 2025] Account key creation OK.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] Registering account:
<a href="https://[redacted].22/acme/acme/directory">https://[redacted].22/acme/acme/directory</a><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] Registered<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] ACCOUNT_THUMBPRINT='7juVi3uRQTaf2qUTEvOB9faQfCjoNUHUNj-VFxyC284'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] Creating domain key<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] The domain key is here: /root/.acme.sh/testhost.myown.home_ecc/testhost.myown.home.key<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:04 PM CEST 2025] Single domain='testhost.myown.home'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:05 PM CEST 2025] Getting webroot for domain='testhost.myown.home'<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:05 PM CEST 2025] Adding TXT value: JtLRfxGl3S0WZoYaVYJ3BWZCIk011AhHsu-WircaITk for domain: _acme-challenge.testhost.myown.home<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:05 PM CEST 2025] adding _acme-challenge.testhost.myown.home. 600 in txt "JtLRfxGl3S0WZoYaVYJ3BWZCIk011AhHsu-WircaITk"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:05 PM CEST 2025] The TXT record has been successfully added.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:49:05 PM CEST 2025] Sleeping for 300 seconds to wait for the the TXT records to take effect<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:07 PM CEST 2025] Verifying: testhost.myown.home<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:07 PM CEST 2025] Pending. The CA is processing your order, please wait. (1/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:11 PM CEST 2025] Pending. The CA is processing your order, please wait. (2/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:14 PM CEST 2025] Pending. The CA is processing your order, please wait. (3/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:17 PM CEST 2025] Pending. The CA is processing your order, please wait. (4/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:21 PM CEST 2025] Pending. The CA is processing your order, please wait. (5/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:24 PM CEST 2025] Pending. The CA is processing your order, please wait. (6/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:27 PM CEST 2025] Pending. The CA is processing your order, please wait. (7/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:30 PM CEST 2025] Pending. The CA is processing your order, please wait. (8/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:34 PM CEST 2025] Pending. The CA is processing your order, please wait. (9/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:37 PM CEST 2025] Pending. The CA is processing your order, please wait. (10/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:40 PM CEST 2025] Pending. The CA is processing your order, please wait. (11/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:43 PM CEST 2025] Pending. The CA is processing your order, please wait. (12/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:47 PM CEST 2025] Pending. The CA is processing your order, please wait. (13/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:50 PM CEST 2025] Pending. The CA is processing your order, please wait. (14/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:53 PM CEST 2025] Pending. The CA is processing your order, please wait. (15/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:54:57 PM CEST 2025] Pending. The CA is processing your order, please wait. (16/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:00 PM CEST 2025] Pending. The CA is processing your order, please wait. (17/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:03 PM CEST 2025] Pending. The CA is processing your order, please wait. (18/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:06 PM CEST 2025] Pending. The CA is processing your order, please wait. (19/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:10 PM CEST 2025] Pending. The CA is processing your order, please wait. (20/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:13 PM CEST 2025] Pending. The CA is processing your order, please wait. (21/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:16 PM CEST 2025] Pending. The CA is processing your order, please wait. (22/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:20 PM CEST 2025] Pending. The CA is processing your order, please wait. (23/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:23 PM CEST 2025] Pending. The CA is processing your order, please wait. (24/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:26 PM CEST 2025] Pending. The CA is processing your order, please wait. (25/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:29 PM CEST 2025] Pending. The CA is processing your order, please wait. (26/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:33 PM CEST 2025] Pending. The CA is processing your order, please wait. (27/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:36 PM CEST 2025] Pending. The CA is processing your order, please wait. (28/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:39 PM CEST 2025] Pending. The CA is processing your order, please wait. (29/30)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:42 PM CEST 2025] testhost.myown.home: Timeout<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:42 PM CEST 2025] Removing DNS records.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:42 PM CEST 2025] Removing txt: JtLRfxGl3S0WZoYaVYJ3BWZCIk011AhHsu-WircaITk for domain: _acme-challenge.testhost.myown.home<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:43 PM CEST 2025] removing _acme-challenge.testhost.myown.home. txt<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:43 PM CEST 2025] Successfully removed<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:43 PM CEST 2025] Please add '--debug' or '--log' to see more information.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">[Wed Sep 17 12:55:43 PM CEST 2025] See:
<a href="https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh">https://github.com/acmesh-official/acme.sh/wiki/How-to-debug-acme.sh</a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">During 12.49 PM when ACME.sh registered the account and added the TXT message, I got the following in the journalctl on the certificated.myown.home:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=10fb;b=013473d30295440782ff29490d3dc9fe;m=2d2ac928bed;t=63efcfc2c08c2;x=efdcb09f0f131d1e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106143688898",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3103861672941",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:49:03+02:00\" level=info duration=\"58.755µs\" duration-ns=58755 fields.time=\"2025-09-17T12:49:03+02:00\" method=GET name=ca path=/acme/acme/directory
protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=a4421749-4cbd-4128-a22a-3de5ce439a4e response=\"{\\\"newNonce\\\":\\\<a href="https://[redacted].22/acme/acme/new-nonce/">https://[redacted].22/acme/acme/new-nonce\\\</a>,\\\"newAccount\\\":\\\<a href="https://[redacted].22/acme/acme/new-account/">https://[redacted].22/acme/acme/new-account\\\</a>,\\\"newOrder\\\":\\\<a href="https://[redacted].22/acme/acme/new-order/">https://[redacted].22/acme/acme/new-order\\\</a>,\\\"revokeCert\\\":\\\<a href="https://[redacted].22/acme/acme/revoke-cert/">https://[redacted].22/acme/acme/revoke-cert\\\</a>,\\\"keyChange\\\":\\\<a href="https://[redacted].22/acme/acme/key-change/">https://[redacted].22/acme/acme/key-change\\\</a>}\"
size=282 status=200 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id=",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:49:04+02:00\" level=info duration=3.178139ms duration-ns=3178139 fields.time=\"2025-09-17T12:49:04+02:00\" method=HEAD name=ca nonce=UzROdnlhVXc2SHVnbkZOV1YxTVFlamxzV3U3ZVhFa0I
path=/acme/acme/new-nonce protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=0063c780-2e22-4b3c-b0e3-e0a9e211619b size=0 status=200 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>"
user-id=",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=10fc;b=013473d30295440782ff29490d3dc9fe;m=2d2ac998662;t=63efcfc330336;x=dab3e11aced4bad7",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106144146230",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3103862130274",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106144332324",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3103862316368",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:49:04+02:00\" level=info duration=10.229178ms duration-ns=10229178 fields.time=\"2025-09-17T12:49:04+02:00\" method=POST name=ca nonce=SWEwNVFNczcySlBlZUhwcFNpald0TmJrUEdEekh3V3g
path=/acme/acme/new-account protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=3be4d4bb-5479-4904-8b73-b53f0fbbb150 response=\"{\\\"contact\\\":[\\\<a href="mailto:test@test.com\\\">mailto:test@test.com\\\</a>],\\\"status\\\":\\\"valid\\\",\\\"orders\\\":\\\<a href="https://[redacted].22/acme/acme/account/6J2ZJJSxnYO27u6bpFUtBrJ1CCtHkfcA/orders/">https://[redacted].22/acme/acme/account/6J2ZJJSxnYO27u6bpFUtBrJ1CCtHkfcA/orders\\\</a>}\"
size=144 status=201 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id=",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=10fd;b=013473d30295440782ff29490d3dc9fe;m=2d2ac9c5d50;t=63efcfc35da24;x=8d727976330d3e21"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3103862794284",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106144810241",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=10fe;b=013473d30295440782ff29490d3dc9fe;m=2d2aca3a82c;t=63efcfc3d2501;x=d6ac118a2c53c6a4",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:49:04+02:00\" level=info duration=17.863338ms duration-ns=17863338 fields.time=\"2025-09-17T12:49:04+02:00\" method=POST name=ca nonce=RmJ1Z0RkY0JXQk9LaEdLcU9PdDZId2NXUW5xcUdqekQ
path=/acme/acme/new-order protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=3f8bd00e-6c59-4de8-b5b4-2c51cf2f6bd8 response=\"{\\\"id\\\":\\\"OnEbnpn9KtE5yH27Oflg3BZwTBns4x7t\\\",\\\"status\\\":\\\"pending\\\",\\\"expires\\\":\\\"2025-09-18T10:49:04Z\\\",\\\"identifiers\\\":[{\\\"type\\\":\\\"dns\\\",\\\"value\\\":\\\"testhost.myown.home\\\"}],\\\"notBefore\\\":\\\"2025-09-17T10:48:04Z\\\",\\\"notAfter\\\":\\\"2025-09-18T10:49:04Z\\\",\\\"authorizations\\\":[\\\<a href="https://[redacted].22/acme/acme/authz/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/">https://[redacted].22/acme/acme/authz/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7\\\</a>],\\\"finalize\\\":\\\<a href="https://[redacted].22/acme/acme/order/OnEbnpn9KtE5yH27Oflg3BZwTBns4x7t/finalize/">https://[redacted].22/acme/acme/order/OnEbnpn9KtE5yH27Oflg3BZwTBns4x7t/finalize\\\</a>}\"
size=414 status=201 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id="<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=10ff;b=013473d30295440782ff29490d3dc9fe;m=2d2aca7f1fb;t=63efcfc416ed0;x=8c246ed311a302e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:49:05+02:00\" level=info duration=5.975201ms duration-ns=5975201 fields.time=\"2025-09-17T12:49:05+02:00\" method=POST name=ca nonce=R3JoSUljRVU0cU5HcGhQeDdwRWJvV2o0RG9EQnBWdlg
path=/acme/acme/authz/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7 protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=21a5b8f1-2e06-4270-9c78-36756eed0454 response=\"{\\\"identifier\\\":{\\\"type\\\":\\\"dns\\\",\\\"value\\\":\\\"testhost.myown.home\\\"},\\\"status\\\":\\\"pending\\\",\\\"challenges\\\":[{\\\"type\\\":\\\"dns-01\\\",\\\"status\\\":\\\"pending\\\",\\\"token\\\":\\\"MjJKsBOb7QhF8NLH9OUNgVzfNNXky6rh\\\",\\\"url\\\":\\\<a href="https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V/">https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V\\\</a>},{\\\"type\\\":\\\"http-01\\\",\\\"status\\\":\\\"pending\\\",\\\"token\\\":\\\"MjJKsBOb7QhF8NLH9OUNgVzfNNXky6rh\\\",\\\"url\\\":\\\<a href="https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/zoCrJwaGduKM01OzNFwmk0pUate4MWpp/">https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/zoCrJwaGduKM01OzNFwmk0pUate4MWpp\\\</a>}],\\\"wildcard\\\":false,\\\"expires\\\":\\\"2025-09-18T10:49:04Z\\\"}\"
size=542 status=200 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id=",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3103863075323",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106145091280",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">While the ACME.sh script slept for 300 seconds, I ran on the DNS server: dig @192.168.2.21 TXT _acme-challenge.testhost.myown.home. Verifying that the TXT record was added correctly.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">; <<>> DiG 9.18.33-1~deb12u2-Debian <<>> @[redacted].21 TXT _acme-challenge.testhost.myown.home.<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">; (1 server found)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; global options: +cmd<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; Got answer:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37924<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; OPT PSEUDOSECTION:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">; EDNS: version: 0, flags:; udp: 1232<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">; COOKIE: db03a0646b58f1cf0100000068ca92262d763b3f9b6e48a7 (good)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; QUESTION SECTION:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;_acme-challenge.testhost.myown.home. IN TXT<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; ANSWER SECTION:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">_acme-challenge.testhost.myown.home. 600 IN TXT "JtLRfxGl3S0WZoYaVYJ3BWZCIk011AhHsu-WircaITk"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; Query time: 0 msec<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; SERVER: [redacted].21#53([redacted].21) (UDP)<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; WHEN: Wed Sep 17 12:49:10 CEST 2025<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">;; MSG SIZE rcvd: 155<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">From 12.54 PM when ACME.sh tried to verify the the FQDN testhost.myown.home, I got the following output in the journalctl of the PKI of each of the 30 attempts:<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3104165836085",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106447852041",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:54:07+02:00\" level=info duration=20.569994ms duration-ns=20569994 fields.time=\"2025-09-17T12:54:07+02:00\" method=POST name=ca nonce=M3dsVFlIV2dOR2ZNc0w4RlBkNjV4S3RxTGROMVdQZnE
path=/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=cab15bca-630d-471e-953a-2e83afb36dfd response=\"{\\\"type\\\":\\\"dns-01\\\",\\\"status\\\":\\\"pending\\\",\\\"token\\\":\\\"MjJKsBOb7QhF8NLH9OUNgVzfNNXky6rh\\\",\\\"url\\\":\\\<a href="https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V/">https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V\\\</a>,\\\"error\\\":{\\\"type\\\":\\\"urn:ietf:params:acme:error:dns\\\",\\\"detail\\\":\\\"There
was a problem with a DNS query during identifier validation\\\"}}\" size=322 status=200 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id=",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> </span>
<span lang="es-419">"__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=1100;b=013473d30295440782ff29490d3dc9fe;m=2d2beb3b535;t=63efd0e4d3209;x=4b57da03825cd994",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="es-419"> </span>
<span lang="EN-US">"_SYSTEMD_SLICE" : "system.slice"<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">{<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__CURSOR" : "s=5819b12a49b64582a726181e92d271cb;i=1101;b=013473d30295440782ff29490d3dc9fe;m=2d2bee58f91;t=63efd0e7f0c65;x=a9161de4e298eae5",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_RUNTIME_SCOPE" : "system",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_CGROUP" : "/system.slice/step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_IDENTIFIER" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_COMM" : "step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_SLICE" : "system.slice",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_PID" : "2226",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "PRIORITY" : "6",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CMDLINE" : "/usr/bin/step-ca config/ca.json --password-file /[redacted step path]/secrets/password",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_CAP_EFFECTIVE" : "400",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__MONOTONIC_TIMESTAMP" : "3104169103249",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_GID" : "996",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "SYSLOG_FACILITY" : "3",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "__REALTIME_TIMESTAMP" : "1758106451119205",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_MACHINE_ID" : "e3c0f10a80284f7fb1f3cd5ef5476c92",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_EXE" : "/usr/bin/step-ca",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_UID" : "999",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_UNIT" : "step-ca.service",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_HOSTNAME" : "certificates",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SELINUX_CONTEXT" : "unconfined\n",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_BOOT_ID" : "013473d30295440782ff29490d3dc9fe",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_TRANSPORT" : "stdout",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_SYSTEMD_INVOCATION_ID" : "85c5974ec43b4e56b4b1c77cef15930e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "_STREAM_ID" : "56b55ea55fd84f62a58435206f03676e",<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US"> "MESSAGE" : "time=\"2025-09-17T12:54:11+02:00\" level=info duration=5.976054ms duration-ns=5976054 fields.time=\"2025-09-17T12:54:11+02:00\" method=POST name=ca nonce=aU9venZXaHJBOGNKRlBYcUU1WkM5U0NiUmVtczlwckk
path=/acme/acme/authz/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7 protocol=HTTP/2.0 referer= remote-address=[redacted].23 request-id=97b6d3c0-7f70-4aec-a83a-8949c26617c6 response=\"{\\\"identifier\\\":{\\\"type\\\":\\\"dns\\\",\\\"value\\\":\\\"testhost.myown.home\\\"},\\\"status\\\":\\\"pending\\\",\\\"challenges\\\":[{\\\"type\\\":\\\"dns-01\\\",\\\"status\\\":\\\"pending\\\",\\\"token\\\":\\\"MjJKsBOb7QhF8NLH9OUNgVzfNNXky6rh\\\",\\\"url\\\":\\\<a href="https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V/">https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/n5wxEJwQaiIUZVtShgqh9Tzu0ypHe92V\\\</a>,\\\"error\\\":{\\\"type\\\":\\\"urn:ietf:params:acme:error:dns\\\",\\\"detail\\\":\\\"There
was a problem with a DNS query during identifier validation\\\"}},{\\\"type\\\":\\\"http-01\\\",\\\"status\\\":\\\"pending\\\",\\\"token\\\":\\\"MjJKsBOb7QhF8NLH9OUNgVzfNNXky6rh\\\",\\\"url\\\":\\\<a href="https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/zoCrJwaGduKM01OzNFwmk0pUate4MWpp/">https://[redacted].22/acme/acme/challenge/KYqNFxZVSmSG33yfHbjs5pCqAIxeENm7/zoCrJwaGduKM01OzNFwmk0pUate4MWpp\\\</a>}],\\\"wildcard\\\":false,\\\"expires\\\":\\\"2025-09-18T10:49:04Z\\\"}\"
size=669 status=200 user-agent=\"acme.sh/3.1.2 (<a href="https://github.com/acmesh-official/acme.sh)/">https://github.com/acmesh-official/acme.sh)\</a>" user-id="<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><span lang="EN-US">}<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:35.4pt"><i><span lang="EN-US">…This last message is repeated 29 times, for attempt 2 till 30 as shown in the output of the acme.sh…<o:p></o:p></span></i></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Kind regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">Vinvar<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoPlainText"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</body>
</html>