Failed to update certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot renew

It produced this output:
Type: dns
Detail: DNS problem: query timed out looking up A for; DNS problem: query timed out looking up AAAA for

Welcome to the community @nedelcuc

Do you have a firewall for your DNS servers? Maybe one that blocks certain IP addresses? Because it looks like the IP addresses for the Let's Encrypt servers are being blocked.

I say this because I see your DNS records just fine from my own test server. And, so does the site that looks up DNS similar to how Let's Encrypt Servers do it.

The Let's Debug test site debug info shows this same pattern. The Debug site's own tests for your DNS are fine. But, it's test with the Let's Encrypt staging system fails to lookup your DNS.


Do you know for what IP I'm looking for?

No. The IP addresses are not published. There will be requests from multiple IP addresses. The IP addresses change even from hour to hour. See details below.

Did you add or change your DNS firewall since you last got a successful cert on 2022-06-25?


No change in the network config!

This log is frim DNS server :
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:12:40.005268 IP > 27638% [1au] A? SE.Upg-PloIESTI.RO. (47)
16:12:40.005645 IP > 27638*- 1/0/1 A (81)

As you can see my server receive the request and answer! I test with se subdomain but is the same in app.

I see the request from let's debug but I don't see any requests from the let's encrypt servers

what firewall do you have protecting your DNS servers


I filter the log for lets debug, the output is the same as certbot. I don't think is an firewall problem I’m on linux and not using an adaptive policy!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.