SniCertificate::CertificateNonvalidError: Unable to verify challenge for


I am having issues with certificate renewal:
**SniCertificate::CertificateNonvalidError: Unable to verify challenge for No TXT record found at**

My Netlify site name is :
And the custom domain is : ****-*****.fr

Help much appreciated,


Hey there, @David_Gourdet :wave:

Thanks for reaching out, and welcome to the Netlify Forums!

So this error essentially means “we tried to make a wildcard certificate since you have DNS hosting enabled. However, the DNS record we made was not found by lets encrypt, so provisioning failed.” What this means is that you have an inactive DNS zone that you will need to disable before we can extend the certificate to your site.

You can follow this support guide to walk through deleting inactive DNS:

Let me know if this gets you on the right path!

Hey Hillary, @hillary

Thanks for the quick reply and the link to the support guide.
I’m a little confused though because I’m not sure if the DNS zone mentionned is the Netlify one or the one from the external register of the custom domain?

Thanks a lot for your help,


Hi @David_Gourdet,

We’ve deleted the DNS Zone (as it was inactive) and renewed the certificate from our end.

Thanks a lot @hrishikesh!
It’s working perfectly now :slight_smile: