I just created a new certificate and all went well, but then I ran command to dry run a renewal:
sudo certbot renew --dry-run
and I’m getting a DNS failure, which is strange:
tls-sni-01 challenge for chh.lightboxcreative.co.nz Waiting for verification... Cleaning up challenges Attempting to renew cert from /etc/letsencrypt/renewal/chh.lightboxcreative.co.nz.conf produced an unexpected error: Failed authorization procedure. chh.lightboxcreative.co.nz (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: DNS problem: SERVFAIL looking up A for chh.lightboxcreative.co.nz. Skipping.
Have seen some other advice about adding VirtualHost *:80 to the default, but mine is already set like that.
I’m on Ubuntu 14.04 running Apache