Error get certificate let's encrypt laravel forge on subdomain

Help
1 
2023-10-26 08:14:03 URL:https://forge-certificates.laravel.com/le/1953591/2144174/ecdsa?env=production [4706] -> "letsencrypt_script1698308043" [1]
Cloning into 'letsencrypt1698308043'...
ERROR: Challenge is invalid! (returned: invalid) (result: ["type"]	"http-01"
["status"]	"invalid"
["error","type"]	"urn:ietf:params:acme:error:dns"
["error","detail"]	"DNS problem: SERVFAIL looking up CAA for kamishibaiboard.com - the domain's nameservers may be malfunctioning"
["error","status"]	400
["error"]	{"type":"urn:ietf:params:acme:error:dns","detail":"DNS problem: SERVFAIL looking up CAA for kamishibaiboard.com - the domain's nameservers may be malfunctioning","status":400}
["url"]	"https://acme-v02.api.letsencrypt.org/acme/chall-v3/277557515016/EVOTxA"
["token"]	"kigBjruhXVePMXIYVLk9zLriGO3UfbpzsJwKFZs-sZY"
["validationRecord",0,"url"]	"http://kaizen.kamishibaiboard.com/.well-known/acme-challenge/kigBjruhXVePMXIYVLk9zLriGO3UfbpzsJwKFZs-sZY"
["validationRecord",0,"hostname"]	"kaizen.kamishibaiboard.com"
["validationRecord",0,"port"]	"80"
["validationRecord",0,"addressesResolved",0]	"64.227.64.195"
["validationRecord",0,"addressesResolved"]	["64.227.64.195"]
["validationRecord",0,"addressUsed"]	"64.227.64.195"
["validationRecord",0]	{"url":"http://kaizen.kamishibaiboard.com/.well-known/acme-challenge/kigBjruhXVePMXIYVLk9zLriGO3UfbpzsJwKFZs-sZY","hostname":"kaizen.kamishibaiboard.com","port":"80","addressesResolved":["64.227.64.195"],"addressUsed":"64.227.64.195"}
["validationRecord"]	[{"url":"http://kaizen.kamishibaiboard.com/.well-known/acme-challenge/kigBjruhXVePMXIYVLk9zLriGO3UfbpzsJwKFZs-sZY","hostname":"kaizen.kamishibaiboard.com","port":"80","addressesResolved":["64.227.64.195"],"addressUsed":"64.227.64.195"}]
["validated"]	"2023-10-26T08:14:18Z")

hello to the whole community, I can't understand why it doesn't let me get the ssl certificate via forge.. have any of you ever experienced this type of error? thank you so much community..
help me please..

2

Hi @Morex92, and welcome to the LE community forum :slight_smile:

["error","detail"]	"DNS problem: SERVFAIL looking up CAA for kamishibaiboard.com - the domain's nameservers may be malfunctioning"

See: Let's Debug (letsdebug.net)

There seems to be an issue at Digital Ocean.

The domain registrar shows them as authoritative: Whois kamishibaiboard.com
image
But they seem to know nothing about your domain:

nslookup -q=ns kamishibaiboard.com ns1.digitalocean.com
Server:  UnKnown
Address:  173.245.58.51
*** UnKnown can't find kamishibaiboard.com: Query refused     <<<<<<<<<<

nslookup -q=ns kamishibaiboard.com ns2.digitalocean.com
Server:  UnKnown
Address:  173.245.59.41
*** UnKnown can't find kamishibaiboard.com: Query refused     <<<<<<<<<<

nslookup -q=ns kamishibaiboard.com ns3.digitalocean.com
Server:  UnKnown
Address:  198.41.222.173
*** UnKnown can't find kamishibaiboard.com: Query refused     <<<<<<<<<<
5 Likes
3

thanks so much for the reply, how do I solve it? Tomorrow I have to urgently have a meeting for this web app, everything must be ok.. thank you very much for your help

1 Like
5

Begin at the beginning.

  • Make sure you have an Internet accessible host to provide service for that name.
  • Make sure you have working DNS service for that domain.
  • Point the name to the Internet IP of the host.
  • Try obtaining a test cert.
  • Obtain a real cert.
4 Likes
6

I've already tried these things on the main domain too and I still can't

7

Who is your DSP [DNS Service provider]?

4 Likes
8

Aruba for domain

digitalocean server

laravel forge for app

9

but I don't understand, I've always worked so I have different servers and domains all with the same procedure and they all work correctly, why not this one???

10 
Aruba for domain      = Domain Registrar
digitalocean server   = HSP [Hosting Service Provider]
laravel forge for app = Server Software

I repeat:

4 Likes
11

I think they are Aruba..

12

Speak with them about your DNS service.
Have them verify that it is configured and working as expected.

4 Likes
13

Thank you so much ...

1 Like
14

Hi thank you very much I solved it in the Aruba DNS panel when I use other server names and therefore I do ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com

the ip fields must be empty and not with the ip of the digital ocean server this was the error now I have installed the certificate correctly I hope someone in the future can help with this thanks again

3 Likes
15

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.