DNS problem Servfail

Help
1

please help me to understand the problem:

code, challenge_status, headers========== 200 {'type': 'http-01', 'status': 'invalid',

'error': {'type': 'urn:ietf:params:acme:error:dns',

'detail': "DNS problem: SERVFAIL looking up A for www.dynhost.ml - the domain's nameservers may be malfunctioning;

DNS problem: SERVFAIL looking up AAAA for www.dynhost.ml - the domain's nameservers may be malfunctioning", 'status': 400}, 'url': 'https://acme-v02.api.letsencrypt.org/acme/chall-v3/167237291972/x2ATxg', 'token': 'LhDKOEVhQV7-M_sNebA84TehPjwxnF7ujtzPtuHiigo', 'validated': '2022-10-21T23:51:25Z'} Server: nginx

Date: Fri, 21 Oct 2022 23:51:31 GMT

2

Well, much like it says: You're trying to get a certificate for the name www.dynhost.ml, but your name's authoritative DNS servers are malfunctioning and not returning a valid answer. That means that Let's Encrypt can't connect to your server in order to validate that you own the name. (And it means that no other users can get to that name either.)

A tool that might help is DNSViz:

https://dnsviz.net/d/www.dynhost.ml/dnssec/

  • dynhost.ml/DNSKEY: The response (92 bytes) was malformed. (176.9.168.4, 193.254.196.206, UDP_-_EDNS0_512_D_KN, UDP_-_NOEDNS_)
  • www.dynhost.ml/AAAA: The response (96 bytes) was malformed. (176.9.168.4, 193.254.196.206, UDP_-_NOEDNS_)
  • www.dynhost.ml/A: The response (64 bytes) was malformed until EDNS was disabled. (176.9.168.4, 193.254.196.206, UDP_-_EDNS0_4096_D_KN)

Your DNS servers are dhost1.ml and dhost2.ml, you'd have to contact whoever administrates your DNS zone on those servers if you're expecting that name to resolve to something.

4 Likes
3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.