During secondary validation: No valid IP addresses found

Okay, good to know.

The authz you posted has an expiry that lands on the hour, so we can infer that it and its associated order were created on the hour.

I speculate, based on everything that we've seen on this thread so far, that the Let's Encrypt secondary validation servers have been getting overwhelmed at 0 past the hour.

That all the DNS hosts have been different, and that one of them was Cloudflare, makes me think it's very unlikely that users' nameservers are to blame.

Just for information, we've faced this even on servers which had been running for more than a year and the domain pointers weren't changed at least 3 months before the errors started surfacing.

Something is fishy. My setup has also been running forever and nothing changed in DNS. I think LE needs to look into their secondary DNS authentication. @jsha, should we open a ticket somewhere?

I observed this behavior again today on a different server for a couple of domains belonging to org TLD. However, it was scheduled at 1:00 AM UTC, so it won't help rule out the hypothesis of "failure due to overload at 1 AM". But this is definitely not related to ooo TLD.

My domain provider is GoDaddy and the name server is Cloudflare. I'm using Cloudflare to create A records for subdomains. All the failures that I've seen are for the subdomains created using this setup.

Thanks!

@Manate there was a status update from a Let's Encrypt engineer here: Repeated DNS error: During secondary validation: DNS problem: networking error looking up A

Thanks @_az. I'll watch the thread for updates.
