Detail: dns :: DNS problem: NXDOMAIN looking up A for

My domain is:

I ran this command: sudo certbot --nginx -d -d

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: dns :: DNS problem: NXDOMAIN looking up A for


  • The following errors were reported by the server:

    Type: connection
    Detail: dns :: DNS problem: NXDOMAIN looking up A for

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

My web server is: NGINX 1.14.0

The operating system my web server runs on is: Ubuntu 18.04

My hosting provider, if applicable, is: Time4vps

I can login to a root shell on my machine: yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is: certbot 0.31.0

I’ve looked at some other peoples solutions and have come up blank. here is a screenshot of my Nginx config and A name records.

Any help very appreciated.


It looks like that isn’t the active DNS setup. uses these nameservers:  86286  NS  86286  NS  86286  NS  86286  NS isn’t a separate zone and isn’t delegated to and

Either you aren’t accessing the right DNS control panel, or the delegation hasn’t been set up yet.



is their nameserver hostname and not

like they have it set as default to? are the nameservers for They could delegate to, but they haven’t.

I don’t know what control panel you’re using, or why it has the records it does.

Maybe they’re going to delegate to in the next few hours. Maybe it’s just wrong.


Ok guess I need to take it up with my provider then. Thanks a ton for the help you guys are great and responsive.

What kind of tools do you guys use for finding this info and troubleshooting?

1 Like

I’m using the panel from their site btw.

Hi @chill

sometimes these are standard programs (browser, nslookup, dig). Sometimes these are online tools - there is a list (pinned in #help ):

One thing is curious: You have a Letsencrypt certificate, 2 days old:

CRT-Id Issuer not before not after Domain names LE-Duplicate next LE
1314345199 CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US 2019-03-24 23:44:53 2019-06-22 22:44:53 duplicate nr. 1

And now your server has the same ip address:

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes Name Error yes 1 0

So NXDOMAIN shouldn't be a problem.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.