Error while install SSL

Help
1

My domain is: webviewdigital.com

hosting : vultr

image
image1366×768 192 KB

Please help, how i can install ssl

2

Your authoritative DNS weren't behaving correctly.

I think they are now, you can retry using certbot.

A piece of advice: use SSH, not the web console. It makes it easier.

1 Like
3

Please write me commands, Thanks

1 Like
4

Nope, there are A TON of DNSSEC errors for that domain.

Please see webviewdigital.com | DNSViz

3 Likes
5

Go on certbot.eff.org and select your operating system and web server. :wink:

2 Likes
6

Can't find the vultr

7

Frankly, I don't think its DNSSEC that is the issue, but Vultr is refusing to answer for your domain on its DNS servers entirely:

osiris@desktop ~ $ dig @ns1.vultr.com +norecurse webviewdigital.com A

; <<>> DiG 9.16.6 <<>> @ns1.vultr.com +norecurse webviewdigital.com A
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 14667
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;webviewdigital.com. IN A

;; Query time: 21 msec
;; SERVER: 2001:19f0:ccd::1#53(2001:19f0:ccd::1)
;; WHEN: zo mrt 06 11:50:47 CET 2022
;; MSG SIZE rcvd: 47

osiris@desktop ~ $

Is Vultr actually the DNS provider for your domain?

3 Likes
8

I didn't notice those from my resolver. I just saw it going from servfail to noerror. That's not good for my resolver.

Oh, come on: dig doesn't validate dnssec by default?

~ $ dig +dnssec aaaa webviewdigital.com

; <<>> DiG 9.16.11 <<>> +dnssec aaaa webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 26691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;webviewdigital.com.            IN      AAAA

;; Query time: 163 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:50:51 CET 2022
;; MSG SIZE  rcvd: 47

~ $ dig  aaaa webviewdigital.com

; <<>> DiG 9.16.11 <<>> aaaa webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9060
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;webviewdigital.com.            IN      AAAA

;; ANSWER SECTION:
webviewdigital.com.     14349   IN      AAAA    2a02:4780:3:646:0:2b65:ec8:1

;; Query time: 46 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:51:01 CET 2022
;; MSG SIZE  rcvd: 75

~ $

It doesn't look like it is

~ $ dig ns webviewdigital.com

; <<>> DiG 9.16.11 <<>> ns webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62430
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;webviewdigital.com.            IN      NS

;; ANSWER SECTION:
webviewdigital.com.     21001   IN      NS      ns1.dns-parking.com.
webviewdigital.com.     21001   IN      NS      ns2.dns-parking.com.

;; Query time: 40 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:53:00 CET 2022
;; MSG SIZE  rcvd: 95

~ $ dig +dnssec ns webviewdigital.com

; <<>> DiG 9.16.11 <<>> +dnssec ns webviewdigital.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 8751
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 512
;; QUESTION SECTION:
;webviewdigital.com.            IN      NS

;; Query time: 230 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Sun Mar 06 11:53:10 CET 2022
;; MSG SIZE  rcvd: 47
1 Like
9

It might be cached. I always use +trace to mimic (kinda) the resolving method of Unbound used by the LE validation servers.

2 Likes
10

domain is with hostinger but i point to vultr

11

can i use this ?
Commands:
wget -qO wo wops.cc && sudo bash wo
sudo wo site create example.com --wp -le

12

Yep, but I'm asking the same resolver both times.

It has issues with local stub resolvers, like the omnipresent systemd-resolved

1 Like
13

I do not recognize that command. Please use certbot and read its instructions.

You have other issues to solve with your DNS, before trying to issue any certificates. Enter in you domain registrar panel, disable DNSSEC.

Then go in your DNS hosting panel and enable it, following their instructions very carefully.

2 Likes
14

I don't understand. If Hostinger is your DNS provider and not Vultr, why would you point your domain to Vultrs DNS servers?

3 Likes
15

i want to start my website on vultr

16

i did mistake ? i need to update only a record not dns ?

17

You can do whatever you want, as long as you know how to do it.

You can host your DNS on either hostinger or vultr, it only depends on your preferences and needs. Both will work with any VPS.

Using your registrar is probably easier, if you're starting now.

1 Like
18

i guess i need professional, i don't know what to do mate

19

Ok, let's take it slowly.

Log in to hostinger, and disable DNSSEC.

Then, make a backup of your DNS records and enable their DNS services from scratch. During this, you can reenable DNSSEC.

2 Likes
20

image
image1366×768 110 KB