How to Resolve Reported DNS Issue

Help
#1

My domain is:
colossean.com

I ran this command:

It produced this output:

Screen Shot 2020-12-20 at 7.33.40 AM
Screen Shot 2020-12-20 at 7.33.40 AM2248×972 339 KB

My web server is (include version):

apache 2.4 running on a bitnami server

The operating system my web server runs on is (include version):

Ubuntu 16.04.6

My hosting provider, if applicable, is:

This is a LightSail Wordpress site on AWS. I use Route53 for DNS

I can login to a root shell on my machine (yes or no, or I don't know):

YES I can, bitnami server with SSH

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

AWS and Wordpress admin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

0.31.0

I have the same error about "Authoritative Nameserver refused, not defined or timeout" from a similar topic that is closed:

However, the cause for me seems to be different.

(1) I just renewed my cert 1 day ago with certbot. Certbot says it is valid for 88 more days. I have been checking and waiting for the SSL error in my browser to get resolved, but it hasn't resolved yet.
(2) I ran this command - https://check-your-website.server-daten.de/?q=colossean.com - and saw the results, screenshot above.

I bet this is my problem to solve, and not letsencrypt's problem, but I certainly appreciate any help with this.

I have two domains in my cert - colossian.com and mysolutionswork.com. Please let me know if you need any more information to help resolve the "X" score and my DNS issues.

Thank you

1 Like
#2

Hi @BufordTJustice

please read your check result.

#ct-logs part:

Issuer not before not after Domain names LE-Duplicate next LE
R3 2020-12-19 2021-03-19 *.colossean.com, *.mysolutionswork.com, colossean.com, mysolutionswork.com
4 entries
Let's Encrypt Authority X3 2020-09-19 2020-12-18 *.colossean.com, *.mysolutionswork.com, colossean.com, mysolutionswork.com
4 entries
Let's Encrypt Authority X3 2020-08-28 2020-11-27 *.colossean.com, colossean.com
2 entries
Let's Encrypt Authority X3 2020-08-28 2020-11-26 *.colossean.com, colossean.com
2 entries

So you have created a new (R3) Letsencrypt certificate.

But #certificates part:

CN=colossean.com
	19.09.2020
	18.12.2020
2 days expired	*.colossean.com, *.mysolutionswork.com, 
colossean.com, mysolutionswork.com - 4 entries

So you use the old, expired certificate.

Did you restart your webserver? That's required.

The Grade X is completely unrelevant. You should fix that, but

  • the #comments part has all required informations
  • that's a global dns configuration, not part of this forum
1 Like
#3

I'm getting a DigiCert certificate valid until December 2021? Used the wrong domain name which was erroneously put in the OP....

Well, to be honest, "grade X" does sound like the webserver is utterly and terribly configured and it should be fixed immediately. "X" sounds like the webserver is broken. "X" sounds like the sysop needs to fix it right away. I've said before that the grading system used by check-your-server doesn't make any sense and the confusion in this thread proves that IMO. Perhaps you should think of re-designing the grading system of your tool to make it more intuitive.

1 Like
#4

Thank you @JuergenAuer for such a quick response.

It was the restart!!

I forgot that fundamental important step, thank you.

3 Likes
#5

It seems that is not your domain name.. :confused: Confused the heck out of me.

2 Likes
#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.