Domain verification fails for CNAME subdomain

Hello,

I try to setup the www subdomain of my original domain hosted as GitLab Pages
(similar to Pages: 401, no permission, cannot verify domain although DNS has been set but I (AFAIK) did what was proposed as a solution)

I added a
www CNAME agile-securiy.gitlab.io.
and
_gitlab-pages-verification-code.www TXT gitlab-pages-verification-code=1f21fd16ee7212772056613ceb22af07
in my domain administration UI

But I the verification of my ownership fails in the pages setting

The DNS entries are there (and it is roughly 12h since I created the entries)

$ dig +short cname www.agile-sicherheit.de.
agile-securiy.gitlab.io.

$ dig +short txt _gitlab-pages-verification-code.www.agile-sicherheit.de
"_gitlab-pages-verification-codegitlab-pages-verification-code=1f21fd16ee7212772056613ceb22af07"

I don’t understand what I’m doing wrong?

The original page works with A and a TXT records

$ dig +short a  agile-sicherheit.de.
35.185.44.232
$ dig +short txt agile-sicherheit.de.
...
"gitlab-pages-verification-code=e186c751fd4a367b198d8501b4093ce3"

Any ideas?

OMG Now I see it, classical PEBCAK.

For some reason I created a
_gitlab-pages-verification-codegitlab-pages-verification-code
instead
_gitlab-pages-verification-code
TXT entry. SO embarrassing 8-o

Ok, I corrected the error but I still can’t verify the page :frowning:

$ dig  +short txt _gitlab-pages-verification-code.www.agile-sicherheit.de 
"_gitlab-pages-verification-code=1f21fd16ee7212772056613ceb22af07"
$ dig  www.agile-sicherheit.de 

; <<>> DiG 9.10.6 <<>> www.agile-sicherheit.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 517
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.agile-sicherheit.de.	IN	A

;; ANSWER SECTION:
www.agile-sicherheit.de. 3295	IN	CNAME	agile-securiy.gitlab.io.
agile-securiy.gitlab.io. 300	IN	A	35.185.44.232

;; Query time: 22 msec
;; SERVER: 192.168.2.1#53(192.168.2.1)
;; WHEN: Tue Apr 07 12:54:16 CEST 2020
;; MSG SIZE  rcvd: 105

Anyone any ideas?

P.S.: I would really like to have more verbose error message than Failed to verify domain ownership
It would be nice to see what was tried (which DNS lookups) and if some keys are wrong?

Hopefully this is the final reply

After I deleted the domain and re-added it (with a new verification-code) it now works.
Now only waiting for the Let’s Encrypt certificate :slight_smile: