Get "Invalid domain" error when trying to create a certificate

Bruce5051 · January 4, 2023, 10:15pm

Even if I ask for the SOA I do not get it for boboserverw.boboworld.com

$ nslookup -q=soa boboserverw.boboworld.com ns85.worldnic.com.
Server:         ns85.worldnic.com.
Address:        162.159.26.131#53

*** Can't find boboserverw.boboworld.com: No answer

$ nslookup -q=soa boboworld.com ns85.worldnic.com.
Server:         ns85.worldnic.com.
Address:        162.159.26.131#53

boboworld.com
        origin = NS85.WORLDNIC.com
        mail addr = namehost.WORLDNIC.com
        serial = 123010217
        refresh = 10800
        retry = 3600
        expire = 604800
        minimum = 3600

Bruce5051 · January 4, 2023, 10:16pm

Sorry @kenhumphries,

Can you give us a screenshot of the SOA?

Thanks!

kenhumphries · January 4, 2023, 10:18pm

With the DNSSEC off, I was able to get the certificate. Also, they don't give you access to the SOA on the site.

Bruce5051 · January 4, 2023, 10:19pm

Thanks for letting us know.

MikeMcQ · January 4, 2023, 10:20pm

nslookup gives those results for me for other domains too - not just this one in this thread. I usually use dig so don't know what it normally does but doesn't seem off to me.

Bruce5051 · January 4, 2023, 10:21pm

Yeah, things didn't (or don't) seem to add up so I was looking for what Network Solutions thinks they are serving.

MikeMcQ · January 4, 2023, 10:22pm

I get those same kind of nslookup results on an AWS Route53 domain.

rg305 · January 4, 2023, 10:24pm

Checking some of the well-known domains on the net...
It seems about 50/50 that will return a SOA record for an FQDN/subdomain that doesn't exist.
nslookup -q=soa not.a.real.name.or.zone.EXAMPLE.COM
[replacing EXAMPLE.COM with FB, IG, Twitter, Google, IBM, MS, etc.]

system · February 3, 2023, 10:25pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.