Please fill out the fields below so we can help you better.
My domain is:
imap.lampensau.org pop3.lampensau.org smtp.lampensau.org mail.lampensau.org imap.dimmerwache.de …
I ran this command:
./letsencrypt.sh --cron --challenge dns-01 --hook pdns_api.sh --domain …
It produced this output:
- Requesting challenge for mail.dimmerwache.de…
- Requesting challenge for imap.dimmerwache.de…
- Requesting challenge for smtp.dimmerwache.de…
- Requesting challenge for pop3.dimmerwache.de…
- Requesting challenge for imap.lampensau.org…
- Requesting challenge for mail.pultschlampe.de…
- Requesting challenge for imap.pultschlampe.de…
- Requesting challenge for smtp.pultschlampe.de…
- Requesting challenge for pop3.pultschlampe.de…
- Requesting challenge for smtp.lampensau.org…
- Requesting challenge for pop3.lampensau.org…
- Responding to challenge for mail.dimmerwache.de…
- Challenge is valid!
- Responding to challenge for imap.dimmerwache.de…
- Challenge is valid!
- Responding to challenge for smtp.dimmerwache.de…
- Challenge is valid!
- Responding to challenge for pop3.dimmerwache.de…
- Challenge is valid!
- Responding to challenge for imap.lampensau.org…
ERROR: Challenge is invalid! (returned: invalid) (result: {
“type”: “dns-01”,
“status”: “invalid”,
“error”: {
“type”: “urn:acme:error:connection”,
“detail”: “DNS problem: SERVFAIL looking up TXT for _acme-challenge.imap.lampensau.org”,
“status”: 400
},
“uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/NUDEvdA9dHXWf9xHZ4FisuHXu-G5pz7HCw12CJmNzPY/250942525”,
“token”: “hxWE2mlRr3xo9ZrSlcNi9v2smGihZAZm7RMMm8U8sDs”,
“keyAuthorization”: “hxWE2mlRr3xo9ZrSlcNi9v2smGihZAZm7RMMm8U8sDs.aeFuFrgAVD169KXmTWqShjlN3C6UxnwpF6FKdokwGtc”
})
My operating system is (include version):
uname -a
Linux Hostname 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt25-2+deb8u3 (2016-07-02) x86_64 GNU/Linux
My web server is (include version):
None
My hosting provider, if applicable, is:
netcup.de
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
Hi there,
I’m currently trying to get certificates for a mailserver of mine and am hitting a brick wall so to speak.
All domains are managed on the same 3 nameservers but one constantly failes (lampensau.org). Im using letsencrypt.sh with the pdns_api.sh and when I query my nameservers after starting letsencrypt.sh (300s waittime till it verifies with my nameservers) I get NOERROR and a payload with every domain. All domains succeed except the lampensau.org one and I have no clue why … HELP!!
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> _acme-challenge.imap.lampensau.org txt @ns1.dimmerwache.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36248
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;_acme-challenge.imap.lampensau.org. IN TXT
;; ANSWER SECTION:
_acme-challenge.imap.lampensau.org. 1 IN TXT “9iM0zsAkSHLq1IoL-_HOApmTsEqx4-KUPVu4Vg1nLsc”
;; Query time: 6 msec
;; SERVER: 2a03:4000:6:50e4::2#53(2a03:4000:6:50e4::2)
;; WHEN: Wed Aug 31 20:33:38 CEST 2016
;; MSG SIZE rcvd: 119
Ive checked every nameserver and the payload is the same across all 3. I don’t know what is wrong here.
I’m currently running PowerDNS 4.0.1