DNS problem: query timed out looking up A for domain-name

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.mobionizer.com

I ran this command: certbot renew

It produced this output:
DNS problem: query timed out looking up A for
www.mobionizer.com; DNS problem: query timed out looking up AAAA
for www.mobionizer.com

My web server is (include version):
XAMPP for Linux 7.2.31-1
The operating system my web server runs on is (include version):
centos 7
My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.11.0

I think the problem is probably that ns2.banglaphone.net.bd (IP address 180.210.130.3) doesn't respond to DNS queries over TCP.

This is a misconfiguration by the operators of that server.

Since your domain depends on that nameserver, it is causes issues for the issuance of your certificate.

Your choices include:

• Contact banglaphone, ask them to fix that nameserver, and wait for them to action it.
• Change your domain to use nameservers that are working properly (Cloudflare is a good free one, but there are many choices).

This is what I presently see with nslookup

$ nslookup
> set q=ns
> mobionizer.com
Server:         127.0.0.1
Address:        127.0.0.1#53

Non-authoritative answer:
mobionizer.com  nameserver = ns1.banglaphone.net.bd.
mobionizer.com  nameserver = ns2.banglaphone.net.bd.

Authoritative answers can be found from:
> server ns1.banglaphone.net.bd.
Default server: ns1.banglaphone.net.bd.
Address: 180.210.129.3#53
> set q=a
> mobionizer.com
Server:         ns1.banglaphone.net.bd.
Address:        180.210.129.3#53

Name:   mobionizer.com
Address: 180.210.129.103
> www.mobionizer.com
Server:         ns1.banglaphone.net.bd.
Address:        180.210.129.3#53

Name:   www.mobionizer.com
Address: 180.210.129.103
> set q=aaaa
> mobionizer.com
Server:         ns1.banglaphone.net.bd.
Address:        180.210.129.3#53

*** Can't find mobionizer.com: No answer
> www.mobionizer.com
Server:         ns1.banglaphone.net.bd.
Address:        180.210.129.3#53

*** Can't find www.mobionizer.com: No answer
> server ns2.banglaphone.net.bd.
Default server: ns2.banglaphone.net.bd.
Address: 180.210.130.3#53
> set q=a
> mobionizer.com
Server:         ns2.banglaphone.net.bd.
Address:        180.210.130.3#53

Name:   mobionizer.com
Address: 180.210.129.103
> www.mobionizer.com
Server:         ns2.banglaphone.net.bd.
Address:        180.210.130.3#53

Name:   www.mobionizer.com
Address: 180.210.129.103
> set q=aaaa
> mobionizer.com
Server:         ns2.banglaphone.net.bd.
Address:        180.210.130.3#53

*** Can't find mobionizer.com: No answer
> www.mobionizer.com
Server:         ns2.banglaphone.net.bd.
Address:        180.210.130.3#53

*** Can't find www.mobionizer.com: No answer
> exit

You have some DNS issue(s).

Using the online tool https://dnsspy.io/ both Performance and Resilience & Security did not score well.
DNS Spy report for mobionizer.com

And with this online tool https://www.hardenize.com/ shows DNS Zone issues
Hardenize Report: mobionizer.com

This online tool https://dnsviz.net/ shows issues with mobionizer.com
mobionizer.com | DNSViz
but not showing issues with www.mobionizer.com
www.mobionizer.com | DNSViz

Thank you for your response. I have contacted with banglaphone. They will check the configuration

Hello.

This is the current status, no errors. But we are still unable to complete the cert process.

We have run this below command:
"certbot certonly --standalone -d www.mobionizer.com"

Still getting following issue:

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: www.mobionizer.com
  Type: dns
  Detail: DNS problem: query timed out looking up A for
  www.mobionizer.com; DNS problem: query timed out looking up AAAA
  for www.mobionizer.com

Mmm. I think your network (Bangla Phone) is blocking Let's Encrypt's IPs entirely.

For evidence, I tried pointing one of my domains at your web server's IP address, and it still produces a connection timeout, so the problem is not DNS related at all.

Since your nameservers are hosted on the same network as your web server, I think it's likely that both timeouts can be explained by a firewall block or other similar networking issue.