DNS problem: NXDOMAIN looking up A for rdsh01.ladesol-tambov.com - check that a DNS record exists for this domain

Hi. How i can fix it ? ladesol-tambov.com - my local domain

C:\acme>wacs.exe --target manual --host rdcb01.ladesol-tambov.com,rds.ladesol-tambov.com,rdsh01.ladesol-tambov.com --certificatestore My --installation iis,script --installationsiteid 1 --script "Scripts\ImportRDSFull.ps1" --scriptparameters "{CertThumbprint}"

A simple Windows ACMEv2 client (WACS)
Software version 2.1.11.917 (RELEASE, PLUGGABLE, 64-bit)
ACME server https://acme-v02.api.letsencrypt.org/
IIS version 10.0
Running with administrator credentials
Scheduled task not configured yet
Please report issues at https://github.com/win-acme/win-acme
Running in mode: Unattended
Target generated using plugin Manual: rdcb01.ladesol-tambov.com and 2 alternatives

[rdcb01.ladesol-tambov.com] Cached authorization result: valid
[rdsh01.ladesol-tambov.com] Authorizing...
[rdsh01.ladesol-tambov.com] Authorizing using http-01 validation (SelfHosting)
[rdsh01.ladesol-tambov.com] Authorization result: invalid
[rdsh01.ladesol-tambov.com] {
"type": "urn:ietf:params:acme:error:dns",
"detail": "DNS problem: NXDOMAIN looking up A for rdsh01.ladesol-tambov.com - check that a DNS record exists for this domain",
"status": 400
}
Create certificate failed: [rdsh01.ladesol-tambov.com] Validation failed

C:\acme>nslookup rdsh01.ladesol-tambov.com
Server: UnKnown
Address: 172.16.100.1

Name: rdsh01.ladesol-tambov.com
Address: 172.16.100.6

1 Like

Hello Andrey :slightly_smiling_face:

Those IP addresses don't match what I'm seeing:
rdsh01.ladesol-tambov.com. 21599 IN A 62.76.90.194

See rg305's explanation below for more details.


Based on my visits to rdcb01.ladesol-tambov.com, rds.ladesol-tambov.com, and rdsh01.ladesol-tambov.com as well as JuergenAuer's analysis below, your certificate appears fine.


You just need to add http to https redirects.

1 Like

Did you create that A record very recently?

DNS looks OK at this time.

FYI: You ran the nslookup command using an internal DNS server and it returned an internal (non-routeable) IP - you should use global DNS for such checks:
Like:
nslookup rdsh01.ladesol-tambov.com 8.8.8.8

1 Like

Hi @Andrei9385

checking your domain looks like you have found a solution - see https://check-your-website.server-daten.de/?q=rdsh01.ladesol-tambov.com

There is a new certificate:

CN=rdcb01.ladesol-tambov.com
	11.11.2020
	09.02.2021
expires in 90 days	rdcb01.ladesol-tambov.com, rds.ladesol-tambov.com, rdsh01.ladesol-tambov.com - 3 entries

and you use it.

Looks good :+1:

2 Likes

Thanks, problem solved !)

2 Likes