DNS problem: NXDOMAIN looking up A

My domain is:
uat.car-insurance.atlantic.caa.ca

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
k8s cert-manager

I'm getting this error:
Error accepting authorization: acme: authorization error for
uat.car-insurance.atlantic.caa.ca: 400 urn:ietf:params:acme:error:dns: DNS
problem: NXDOMAIN looking up A for uat.car-insurance.atlantic.caa.ca - check
that a DNS record exists for this domain

It does look like dns propagation is fine:

Hi @jdamata, welcome to the LE community forum :slight_smile:

Although most global DNS services are able to resolve the name...
There may be an ongoing DNS issue:

1 Like

It does look like one problem is that ns3.rts.caa.ca. isn't reponding for caa.ca.

But the authoritative servers (looking to be hosted by dnsmadeeasy.com) are all returning NXDOMAIN for uat.car-insurance.atlantic.caa.ca, at least according to DNSViz.

https://dnsviz.net/d/uat.car-insurance.atlantic.caa.ca/dnssec/

2 Likes

@petercooperjr, yes there is a definite discrepancy:

nslookup -q=ns ca 8.8.8.8
ca      nameserver = j.ca-servers.ca
ca      nameserver = c.ca-servers.ca
ca      nameserver = any.ca-servers.ca
ca      nameserver = x.ca-servers.ca

nslookup -q=ns caa.ca j.ca-servers.ca   <<<< returns four servers
caa.ca  nameserver = dns2.datacentres.rogers.com
caa.ca  nameserver = dns3.datacentres.rogers.com
caa.ca  nameserver = dns1.datacentres.rogers.com
caa.ca  nameserver = ns3.rts.caa.ca

nslookup -q=ns caa.ca dns1.datacentres.rogers.com   <<<< returns three servers
caa.ca  nameserver = dns3.datacentres.rogers.com
caa.ca  nameserver = dns1.datacentres.rogers.com
caa.ca  nameserver = dns2.datacentres.rogers.com
2 Likes

Thanks @Bruce5051

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.