How to set up cert for Wix subdomain using DNS challenge

I have a Wix website with subdomains whose apps are hosted on DigitalOcean, with the subdomains pointing to my load balancer on DigitalOcean.

I have installed certbot in a bid to create certificates for the domains. However, when I add the TXT record to Wix and try to validate the challenge, I get the error:

Failed authorization procedure. (dns-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect TXT record "BHI-gqev2kAgvytiltiAj6R6Rxdzu3GDDhnWRUZ6E6o" (and 1 more) found at


  • The following errors were reported by the server:

    Type: unauthorized
    Detail: Incorrect TXT record
    “BHI-gqev2kAgvytiltiAj6R6Rxdzu3GDDhnWRUZ6E6o” (and 1 more) found at

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

Any insights on how I can resolve this?

Hi, if you can provide your real domain I could help you check; otherwise you can verify the correct TXT records are presented using the Linux dig command: dig -t TXT

I’m assuming you are using the manual DNS validation mode in Certify (not certbot).

The most common reason for a DNS validation error is that your TXT record is either not present, added as an A record instead of a TXT record, or hasn’t had time to propagate changes to all of your nameservers (this can take a while depending on your DNS provider).

You can also you to identify common issues.

Also if you are validating subdomains, the TXT record you are trying to create is

As a side note, if you don’t have access to Linux/dig… Windows can do it as well:

nslookup -type=TXT
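The per-nameserver check suggested in the replies above, as an added example that is not part of the original posts: it asks every authoritative nameserver directly and reports whether the expected challenge value is there, absent, or replaced by other values (the "Incorrect TXT record" case in the error). The function names and sample values are hypothetical; the `_acme-challenge.` prefix is the dns-01 record name defined in RFC 8555.

```shell
# Added example: function names and sample values are hypothetical.

# classify_txt EXPECTED
# Reads `dig +short TXT` output on stdin and prints one of:
#   match    - one of the TXT values equals EXPECTED
#   mismatch - TXT values exist, but none equals EXPECTED (stale or wrong value)
#   missing  - no TXT values at all (wrong record name/type, or not propagated)
classify_txt() {
    expected=$1
    seen=0
    while IFS= read -r line; do
        # dig +short wraps each TXT string in double quotes; strip them
        value=$(printf '%s' "$line" | tr -d '"')
        [ -z "$value" ] && continue
        seen=1
        if [ "$value" = "$expected" ]; then
            echo match
            return 0
        fi
    done
    if [ "$seen" -eq 1 ]; then echo mismatch; else echo missing; fi
}

# check_all_nameservers ZONE NAME EXPECTED
# Queries each authoritative nameserver of ZONE directly (no resolver cache),
# so a record that has reached only some of them shows up as a mixed result.
check_all_nameservers() {
    zone=$1; name=$2; expected=$3
    for ns in $(dig +short NS "$zone"); do
        result=$(dig +short TXT "_acme-challenge.$name" "@$ns" |
                 classify_txt "$expected")
        printf '%s\t%s\n' "$ns" "$result"
    done
}

# Constructed sample: two leftover values, neither of them the expected one.
demo_constructed() {
    printf '%s\n' '"constructed-old-value-1"' '"constructed-old-value-2"' |
        classify_txt "constructed-expected-value"
}
```

Call it as `check_all_nameservers example.com app.example.com "<value shown by the ACME client>"`, where both names are placeholders for your own zone and subdomain.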