Issue Creating / Renewing DuckDNS certificate: The DNS response does not contain an answer to the question: IN TXT

Hey folks,

I recently ran into this issue when trying to create / renew my SSL certificate with Nginx Proxy Manager and wanted to share what I did to finally get it renewed to help save others hours of the same issue.

The Problem
No matter how many times I tried, I would continually get this response when trying to renew or create a certificate using a DNS challenge with DuckDNS using Nginx Proxy Manager: The DNS response does not contain an answer to the question: IN TXT

Context
My home network stack is composed of:

  • A fairly standard AdGuard instance running on a Raspberry Pi
  • A Home Assistant instance running AdGuard and Nginx Proxy Manager
  • DuckDNS routes

My AdGuard instance were redirecting DNS queries for my Home Assistant Domain, call it my-home-assistant.duckdns.org to the IP of my Nginx Proxy Manager instance which was running on my Home Assistant.

The Solution
I’m not sure what tipped me off but it dawned on me that the AdGuard instances may have been interfering with the certificate renewal process, even though I was making a DNS challenge using DuckDNS, and low and behold I was correct.

I removed the AdGuard DNS instances from my router’s DNS table, navigated to my Home Assistant’s IP, went to the Nginx Proxy Manager instance and performed the certificate renewal again and it worked!

I’m not sure what in AdGuard is causing DuckDNS to return this kind of response but the solution is to remove AdGuard from your DNS on the router and then perform your certificate renewal.

Hope this helps others!