Dns01 challenge fail with error "DNS problem: SERVFAIL looking up TXT"

HI everyone.
I met this problem when use dns-01 to get a wildcast cert.

My domain is:*.stg27.lutest.luagent.com
I ran this command:
certbot certonly --no-verify-ssl --manual --config-dir=/Users/yuleyi799/Scripts/certbot --work-dir=/Users/yuleyi799/Scripts/certbot --logs-dir=/Users/yuleyi799/Scripts/certbot -d *.stg27.lutest.luagent.com

I have add the required TXT record to dns and waited until the TXT can be looked up.

Almost all resolver is good except this "Neustar"

Then I continue.

finally it give me a error: DNS problem: SERVFAIL looking up TXT for
_acme-challenge.stg27.lutest.luagent.com - the domain's nameservers
may be malfunctioning

I have checked my domain in let's debug which says ok: Let's Debug

I attach the whole log below.
log.txt.txt (23.7 KB)

I have tried several times and got the same result. Hoping some one can resucue me.

welcome them to our community.
you have to indicate that the dns01 challenge is desired.
and the corresponding dns plugin should be specified.
which dns provider do you use?

There seems to be something interfering with DNS requests to your nameservers.
Now Let's Debug also shows the problem: Let's Debug (letsdebug.net)

I also noticed that the token mentioned in the log.txt.txt file is NOT the same as the entry shown in your posted screenshot.
[this is, of course, a very secondary issue at this point - DNS is the priority]

Emm, I tried Let's Debug myself again and still get ok. Let's Debug.
I dont know how the test is woking and what makes the difference between us.
However, your test do have indicated something which may be help me find root cause. Thanks

BTW, There are some other domains I tried these days and all got certed sucessfully:

C07NP11AG1J1:certbot yuleyi799$ ls live
README lutest.lufunds.com stg3-lufunds.lutest.lufunds.com stg3.lutest.lufunds.com stg3.lutest.palubao.lu.com stg44.lutest.lu.com
lutest.lu.com lutest.palubao.com stg3.lutest.lu.com stg3.lutest.palubao.com stg4.lutest.lu.com

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.