My domain is: oportunidadesprofesionales.fomentosansebastian.eus
do you have any idea of what may be the problem with this DNS entry?
I thought maybe it was a lengthy one, but I have created a longer one in another domain and verification works as expected
I ran this command: certbot --nginx -d oportunidadesprofesionales.fomentosansebastian.eus
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for oportunidadesprofesionales.fomentosansebastian.eus
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. oportunidadesprofesionales.fomentosansebastian.eus (http-01): urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for oportunidadesprofesionales.fomentosansebastian.eus - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for oportunidadesprofesionales.fomentosansebastian.eus - the domain's nameservers may be malfunctioning
My web server is (include version): Nginx 1.14.2
The operating system my web server runs on is (include version): Debian 10.12
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.31.0
I can confirm that at least from my vantagepoint, mail does resolve correctly against the individual dinahosting nameservers. But oportunidadesprofesionales continues to give SERVFAIL errors. So so weird.
They're both just plain A records in the zone, right? One's not a sub-zone or something? Can you post a screenshot of the DNS record view at the provider?
I suppose it is possible that different DNS clients create different sized requests for the same FQDN.
Their IPS protections are being applied differently per datacenter or some other GeoLocation difference.
Note: I'm halfway around the world from a black box system guessing at what it might be doing.