Same result, same error, same secondary DNS timeout.
This has been happening daily since 7/25, when another domain in this same setup was renewed.
In the same cron/process, 2 sites were queued up for renewal as their SSLs were issued at the same time. staging.harrychapinfoodbank.org and harrychapinfoodbank.org (with an alternative of www.harrychapinfoodbank.org).
The first to be processed was staging, and it succeeded on 7/25, while the next failed with the timeout on secondary DNS issue. It’s been the same error daily since then, one time daily until yesterday where I’ve manually initiated the process multiple times with debugging.
After a week of trial and error, I’ve reverted the site, disabled the configuration for SSL and restarted the process for a success.
Starting SSL verification.
Debug: Loading account keypair (3.488s)
Debug: Starting check with solver http (3.488s)
Debug: Loading the authorization token for domains harrychapinfoodbank.org, www.harrychapinfoodbank.org … (3.489s)
Debug: Challenge loaded. (3.489s)
Debug: Challenge loaded. (3.796s)
The authorization check was successful!
Debug: Certificate found for harrychapinfoodbank.org, executing renewal (3.86s)
Loading current certificate for harrychapinfoodbank.org
Current certificate will expire in less than 25 days (2020-08-14 00:00:29), renewal is required.
Debug: Loading domain key pair… (3.86s)
Debug: Loading domain distinguished name… (3.861s)
Debug: Loading the order related to the domains harrychapinfoodbank.org, www.harrychapinfoodbank.org. (3.862s)
Renewing certificate for domain harrychapinfoodbank.org.
Certificate received
Certificate stored Certificate renewed successfully!
Thanks for the eyeballs and allowing me to talk out the solution.
Thanks for the reply/response and also your great informational tool.
I agree that the problem most likely wasn’t in house, but external.
It was very odd, since all these commands were executed in order within milliseconds of each other on 7/25. Since the root domain was the same, the look ups should have been the same result on each lookup.
I can’t imagine it working now if the problem was a high number of queries from me (not from world aggregated), since I had submitted the update so many times over the last 3 days, it would surely still be blocked if it were considering just my queries as spam or brute forcing it.