Are MARCARIA's name servers included in the authoritative name servers used by LetsEncrypt?

I am trying to get an SSL certificate for a domain obtained with MARCARIA using LetsEncrypt but it is not possible.

My server has one static IP address registered to two domains.
The two domains are each acquired from a different registrar.
When attempting to obtain a certificate with the certbot command, one domain succeeds and one domain fails in the http challenge.
The domain that failed is the domain that was acquired at MARCARIA.
The failed domain name is

However, when I do an nslookup specifying the name server for MARCARIA



Name resolution is possible.
"Non-authoritative answer:" is not included, so this name server is an authoritative name server.

Are MARCARIA's name servers included in the authoritative name servers used by LetsEncrypt?

Thanks for reading to the end.
I am asking this question from Japan using DeepL translation.

1 Like

The LE resolver "crawls" the DNS tree from the root down. There is no "list" of authorative name servers used for all possible domains: that list would be HUGE obviously.

When you opened this thread in the #help section, you should have been presented with a questionnaire (or you've deleted it for some reason). Please answer all the questions to the best of your knowlesge:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.