HI everyone.
I met this problem when use dns-01 to get a wildcast cert.
My domain is:*.stg27.lutest.luagent.com
I ran this command:
certbot certonly --no-verify-ssl --manual --config-dir=/Users/yuleyi799/Scripts/certbot --work-dir=/Users/yuleyi799/Scripts/certbot --logs-dir=/Users/yuleyi799/Scripts/certbot -d *.stg27.lutest.luagent.com
I have add the required TXT record to dns and waited until the TXT can be looked up.
Almost all resolver is good except this "Neustar 156.154.70.64"
Then I continue.
finally it give me a error: DNS problem: SERVFAIL looking up TXT for
_acme-challenge.stg27.lutest.luagent.com - the domain's nameservers
may be malfunctioning
I have checked my domain in let's debug which says ok: Let's Debug
I attach the whole log below. log.txt.txt (23.7 KB)
I have tried several times and got the same result. Hoping some one can resucue me.
welcome them to our community.
you have to indicate that the dns01 challenge is desired.
--preferred-challenge=dns
and the corresponding dns plugin should be specified.
which dns provider do you use?
There seems to be something interfering with DNS requests to your nameservers.
Now Let's Debug also shows the problem: Let's Debug (letsdebug.net)
I also noticed that the token mentioned in the log.txt.txt file is NOT the same as the entry shown in your posted screenshot.
[this is, of course, a very secondary issue at this point - DNS is the priority]
Emm, I tried Let's Debug myself again and still get ok. Let's Debug.
I dont know how the test is woking and what makes the difference between us.
However, your test do have indicated something which may be help me find root cause. Thanks
