Acme: error code 400

My domain is: aberfeldysteamie.co.uk and another one same issue nopressureclean.co.uk

I was trying to make SSL certification in cpanel for my domain but I keep getting this error.

acme: error code 400 urn:ietf:params:acme:error:dns: DNS problem: SERVFAIL looking up A for aberfeldysteamie.co.uk - the domains nameservers may be malfunctioning (order URL: https://acme-v02.api.letsencrypt.org/acme/order/96631444/5216510182)

If I click on the link below it says invalid is that mean the ssl status is invalid or the domain itself?

Please advice
Thanks

Hi @fbnhosting

there is a check of your domain, created yesterday - https://check-your-website.server-daten.de/?q=aberfeldysteamie.co.uk

Your DNSSEC is broken:

2020-09-16.aberfeldysteamie.co.uk

So there is an ip address, but Letsencrypt can’t use it -> Servfail.

Remove your DNSSEC or update it, so it’s a valid DNSSEC configuration.

Thanks for your quick reply, I went to check it in cpanel and I can generate a DNSSEC key but I have to let my registrar finish it.
Once they made what they have to I will try it again.

PS: In this case the nopressureclean.co.uk domain could be the same issue?

Thanks

See your check result - https://check-your-website.server-daten.de/?q=nopressureclean.co.uk

Same message:

Fatal error: Parent zone has a signed DS RR (Algorithm 13, KeyTag 31841, DigestType 2, Digest O1m+IDPSV2PB7AcP4+YFiZSsOvPgndH5lnSALdHu9d4=), but the destination DNSKEY doesn’t exist or doesn’t validate the DNSKEY RR set. No chain of trust created.

If there is a DS in the parent zone, there must be a DNSKEY in the current zone with matching values, that DNSKEY must validate the DNSKEY set.

If not, there is no chain of trust -> DNSSEC is broken.

Again, thanks for your quick replay
Hope this information will help to fix the issue.