Could not issue a Let's Encrypt certificate with DNS validation
Symptoms
Let's Encrypt certificate fails to be issued with TXT record validation, a record validation error occurs:
Missing TXT records
_acme-challenge.domain.com. TXT 2keyJwRHvhVNywCyHElE7SvSlGQTaGE9l9fewMDYXxg
_acme-challenge.domain.com. TXT W3P5jrSM2QXjWHVOeevX6uJ59CZ6iiRZxzMsg4JYrO8
on name servers ns1.register.com., ns2.register.com.Causes
The domain was recently delegated to new name servers, but the server is using the names of the previous name servers from the cache.
Solution
Name server caching for the panel's domains is performed in the file at /usr/local/mgr5/tmp/le_ns.cache and has the following format:
domain.com. ns2.register.com.,ns1.register.com. 2026-01-01 12:15:10Caching is performed according to the TTL for the DNS records of a specific domain.
To continue issuing certificates, remove the records for the desired domains from this file.
If the record caching logic does not suit your objectives, disable caching by adding the line Option LetsencryptDisableIterativeDig to the panel's configuration file at /usr/local/mgr5/etc/ispmgr.conf.