Cert-Generation Problem --> DNS problem: NXDOMAIN looking up A

futureweb · July 17, 2018, 11:27am

Hello,

got 1 Domain which gives me some headache obtaining a LE-Cert …
A few dozen other Domains work without Problems on the same Server … Cert is generated by Plesk LE-Plugin.

[2018-07-17 10:51:25.514] ERR [extension/letsencrypt] Domain validation failed for wahrewertschaetzung.at: Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/XXXXXX.
Details:
Type: urn:acme:error:dns
Status: 400
Detail: DNS problem: NXDOMAIN looking up A for wahrewertschaetzung.at

nslookup on Google DNS Servers (8.8.8.8) gives back correct IP …

Header:
   ID=53766, QR=Query, Opcode=QUERY, RCODE=NO ERROR
   Authoritative Answer=No, Truncation=No
   Recursion Desired=Yes, Recursion Available=Yes
   QDCOUNT=1, ANCOUNT=1, NSCOUNT=0, ARCOUNT=0
Question:
   Name=wahrewertschaetzung.at, QTYPE=A, QCLASS=1
Answer Section:
- Name=wahrewertschaetzung.at
    Type=A, Class=1, TTL=359 (5 Minutes 59 Seconds), RDLENGTH=4
    IP Address=85.125.90.219
---

I hope someone here can point me in the right Direction …

thx, bye from Austria
Andreas Schnederle-Wagner

_az · July 17, 2018, 11:42am

Can you try it again and not redact the authz this time? It doesn’t contain any sensitive information and contains valuable diagnostic information.

futureweb · July 17, 2018, 11:51am

alright - didn’t know yet that it’s safe to publish the authz … good to know!

[2018-07-17 12:51:26.116] ERR [extension/letsencrypt] Domain validation failed for wahrewertschaetzung.at: Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/MVJdM-yslw8A1ovYGzEnk7Io5ZEmXzEd99xgxc-dpZU.

_az · July 17, 2018, 11:55am

That’s your failure from ~an hour ago right?

The reason I’d like for you to try again is that your domain resolves fine right now, as you pointed out. An additional attempt should either succeed or reveal different errors.

futureweb · July 17, 2018, 12:10pm

alright - seems like I got some wrong Information firsthand … Domain was created in our DNS today and not a few days before as I was informed … so most likely DNS was just not propagated yet … sorry for stealing your time …
Andreas

system · August 16, 2018, 12:11pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.