DNS problem: NXDOMAIN looking up A for

After resolving this issue Timeout during connect (likely firewall problem) I now run into this issue.

I deliberately removed the AAAA-Record from da.wikihoster.net. Challenge should be done via IPv4 only. Again I am at a loss. Any help appreciated to get this working without an AAAA-Record.

My domain is: da.wikihoster.de

I ran this command: certbot certonly --webroot -w /var/www/htdocs/mw/02140 -d da.wikihoster.de --dry-run

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for da.wikihoster.de
Using the webroot path /var/www/htdocs/mw/02140 for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. da.wikihoster.de (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for da.wikihoster.de - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for da.wikihoster.de - check that a DNS record exists for this domain

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: da.wikihoster.de
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for da.wikihoster.de -
   check that a DNS record exists for this domain; DNS problem:
   NXDOMAIN looking up AAAA for da.wikihoster.de - check that a DNS
   record exists for this domain

My web server is (include version): Apache/2.4.38 (Debian)

The operating system my web server runs on is (include version): Debian GNU/Linux 10 (buster)

My hosting provider, if applicable, is: IN-Berlin (privately maintained though)

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is: certbot 0.31.0

Are you sure you added an entry for "da" in your DNS zone?
I can't find one:

*** 8.8.8.8 can't find da.wikihoster.de: Non-existent domain
*** 1.1.1.1 can't find da.wikihoster.de: Non-existent domain

Authoritative nameservers:

wikihoster.de   nameserver = ns21.domaincontrol.com
wikihoster.de   nameserver = ns22.domaincontrol.com
3 Likes

Why should I also remove the A-Record. I only deleted the AAAA-Record. This is so tedious. I will check again.

I do not see any DNS records, not even SOA. I checked here:

2 Likes

No one has asked you to remove anything.

3 Likes

Oh man. I must also have deleted the A-Record. Such a waste of your and my time. Added it back. Let's See.

2 Likes

The DNS SOA record is described here:

and here:
https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/

1 Like

This was a question to myself. :wink: I must not just removed the AAAA record but also the A record.

3 Likes

Well, after adding an A record for da.wikihoster.de everything works as expected again. Oh man. Human error at its best. Thanks a lot for your pointers and help me see the obvious.

4 Likes

I have been known to "Master the Obvious"!
LOL

5 Likes