I ran into the same issue before. It’s because I’m using the DNS service of 3rd party, and the DNS records are not propagated yet. In my experience, it needs several hours for the values to be updated to the DNS servers. For wildcard domains, you need to add 2 TXT records with the same name(Ex: _acme-challenge.yourdomain.com) but different value specified, one for root domain(Ex: yourdomain.com), one for wildcard subdomains(Ex: *.yourdomain.com). Be aware there is a underline in the begining of TXT record.
Use nslookup tool to make sure the values are identical before clicking Request Certificate again:
nslookup.exe -q=TXT <Your TXT record name> <Your DNS server IP or Name>
For example:
nslookup.exe -q=TXT _acme-challenge.yourdomain.com ns1.yourdomain.com
It should display something like:
Server: <…>
Address: xxx.xxx.xxx.xxx_acme-challenge.yourdomain.com text =
"<Random string 1>"_acme-challenge.yourdomain.com text =
"<Random string 2>"yourdomain.com nameserver = ns2.yourdomain.com
yourdomain.com nameserver = ns1.yourdomain.com
Retry above command until <Random string 1> and <Random string 2> are identical to what displayed on Certify The Web client, then you can click “Request Certificate” button again.