My domain is: webviewdigital.com
hosting : vultr
Please help, how i can install ssl
Your authoritative DNS weren't behaving correctly.
I think they are now, you can retry using certbot.
A piece of advice: use SSH, not the web console. It makes it easier.
1 Like
Please write me commands, Thanks
1 Like
Nope, there are A TON of DNSSEC errors for that domain.
Please see webviewdigital.com | DNSViz
3 Likes
Can't find the vultr
Frankly, I don't think its DNSSEC that is the issue, but Vultr is refusing to answer for your domain on its DNS servers entirely:
osiris@desktop ~ $ dig @ns1.vultr.com +norecurse webviewdigital.com A
; <<>> DiG 9.16.6 <<>> @ns1.vultr.com +norecurse webviewdigital.com A
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 14667
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;webviewdigital.com. IN A;; Query time: 21 msec
;; SERVER: 2001:19f0:ccd::1#53(2001:19f0:ccd::1)
;; WHEN: zo mrt 06 11:50:47 CET 2022
;; MSG SIZE rcvd: 47osiris@desktop ~ $
Is Vultr actually the DNS provider for your domain?
3 Likes
I didn't notice those from my resolver. I just saw it going from servfail to noerror. That's not good for my resolver.
Oh, come on: dig doesn't validate dnssec by default?
~ $ dig +dnssec aaaa webviewdigital.com
; <<>> DiG 9.16.11 <<>> +dnssec aaaa webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;webviewdigital.com. IN AAAA
;; Query time: 163 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:50:51 CET 2022
;; MSG SIZE rcvd: 47
~ $ dig aaaa webviewdigital.com
; <<>> DiG 9.16.11 <<>> aaaa webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9060
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;webviewdigital.com. IN AAAA
;; ANSWER SECTION:
webviewdigital.com. 14349 IN AAAA 2a02:4780:3:646:0:2b65:ec8:1
;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:51:01 CET 2022
;; MSG SIZE rcvd: 75
~ $
It doesn't look like it is
~ $ dig ns webviewdigital.com
; <<>> DiG 9.16.11 <<>> ns webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62430
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;webviewdigital.com. IN NS
;; ANSWER SECTION:
webviewdigital.com. 21001 IN NS ns1.dns-parking.com.
webviewdigital.com. 21001 IN NS ns2.dns-parking.com.
;; Query time: 40 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:53:00 CET 2022
;; MSG SIZE rcvd: 95
~ $ dig +dnssec ns webviewdigital.com
; <<>> DiG 9.16.11 <<>> +dnssec ns webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 8751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;webviewdigital.com. IN NS
;; Query time: 230 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:53:10 CET 2022
;; MSG SIZE rcvd: 47
1 Like
It might be cached. I always use +trace to mimic (kinda) the resolving method of Unbound used by the LE validation servers.
2 Likes
domain is with hostinger but i point to vultr
can i use this ?
Commands:
wget -qO wo wops.cc && sudo bash wo
sudo wo site create example.com --wp -le
Yep, but I'm asking the same resolver both times.
It has issues with local stub resolvers, like the omnipresent systemd-resolved
1 Like
I do not recognize that command. Please use certbot and read its instructions.
You have other issues to solve with your DNS, before trying to issue any certificates. Enter in you domain registrar panel, disable DNSSEC.
Then go in your DNS hosting panel and enable it, following their instructions very carefully.
2 Likes
I don't understand. If Hostinger is your DNS provider and not Vultr, why would you point your domain to Vultrs DNS servers?
3 Likes
i want to start my website on vultr
i did mistake ? i need to update only a record not dns ?
You can do whatever you want, as long as you know how to do it.
You can host your DNS on either hostinger or vultr, it only depends on your preferences and needs. Both will work with any VPS.
Using your registrar is probably easier, if you're starting now.
1 Like
i guess i need professional, i don't know what to do mate
Ok, let's take it slowly.
Log in to hostinger, and disable DNSSEC.
Then, make a backup of your DNS records and enable their DNS services from scratch. During this, you can reenable DNSSEC.
2 Likes
