I have this one domain that repeatedly returns the following errors and cannot pass issuance authorization with LE:
Failed authorization procedure. www.myelement.org (http-01): urn:acme:error:dns :: DNS problem: SERVFAIL looking up A for www.myelement.org
Sometimes it produces this error instead.
Failed authorization procedure. www.myelement.org (http-01): urn:acme:error:dns :: DNS problem: query timed out looking up A for www.myelement.org
My own troubleshooting has reached a dead end. Others on the forum with this issue have often had DNSSEC issues. However, we do not see their domain using DNSSEC as of yet (having a DNSKEY), which we check by doing dig www.myelement.org DNSKEY.
If we were to presume that they are using DNSSEC anyhow, the dnsviz.net analysis will INTERMITTENTLY show some errors. I'd say about 75% of the time I run the analysis, I get some errors.
http://dnsviz.net/d/www.myelement.org/dnssec/
When errors are present, they say:
edlio.com/DS: No response was received from the server over UDP (tried 8 times). (2001:500:d937::30, 2001:501:b1f9::30, 2001:503:d2d::30, UDP_0_NOEDNS)
fastly.net/DS: No response was received from the server over UDP (tried 8 times). (2001:500:d937::30, 2001:501:b1f9::30, 2001:503:d2d::30, UDP_0_NOEDNS)
I'm really at a dead end about what to do next to get this domain certed.
My domain is:
I ran this command:
letsencrypt certonly --webroot -d www.myelement.org
It produced this output:
Failed authorization procedure. www.myelement.org (http-01): urn:acme:error:dns :: DNS problem: SERVFAIL looking up A for www.myelement.org
And sometimes this one:
Failed authorization procedure. www.myelement.org (http-01): urn:acme:error:dns :: DNS problem: query timed out looking up A for www.myelement.org
My web server is (include version):
apache 2
The operating system my web server runs on is (include version):
Ubuntu 16.04.2
My hosting provider, if applicable, is:
fastly
I can login to a root shell on my machine (yes or no, or I don't know):
yes
Other than switching DNS providers.