DNS problem: don't resolve correctly

Your DNS server resolves the hostname salentovirtuale.com to the IP, it’s a very old IP where this domain was hosted, actually the IP is (www record too). https://www.whatsmydns.net/#A/salentovirtuale.com
Can you correct it?

Thanks for your help.

My domain is: salentovirtuale.com

I ran this command: Save/generate certificate

It produced this output:

Cannot Execute Your Request


Generating 4096 bit RSA key for let’s encrypt account…
openssl genrsa 4096 > "/usr/local/directadmin/data/users/salvirt/letsencrypt.key"
Generating RSA private key, 4096 bit long modulus
e is 65537 (0x10001)
Account has been registered.
Getting challenge for salentovirtuale.com from acme-server…
Error: http://salentovirtuale.com/.well-known/acme-challenge/letsencrypt_1504262293 is not reachable. Aborting the script.
dig output for salentovirtuale.com:
Please make sure /.well-known alias is setup in WWW server.

My web server is (include version): Apache

The operating system my web server runs on is (include version): Linux Centos 6

My hosting provider, if applicable, is: Ormag.net (self)

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Directadmin

Hi @ormag,

I don't believe the output showing the old IP is from the Let's Encrypt server. I checked the server-side logs and your ACME client has only created a new authz but hasn't yet activated it to respond to a challenge (e.g. Let's Encrypt hasn't tried to look up the IP address yet!)

The Let's Encrypt recursive resolver has a very low cache time and I'm seeing the correct IP from both of your authoritative nameservers when I query them directly.

It looks like you're using DirectAdmin and it may be doing a "pre-check" and failing before telling Let's Encrypt to go ahead with the challenge. Is it possible that the server you're running DirectAdmin on has cached the old IP address? Can you contact DirectAdmin support to learn more about how to resolve this?

At this point it seems like there isn't anything I can do to help you from the Let's Encrypt side. Apologies! Maybe someone else in the forum will have more insight into how to get DirectAdmin to properly handle this case.

Thanks for your help.
Sorry, it was my fault, there was another non authoritative dns zone of the domain on the server.

Best regards

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.