I am trying to issue https certificate using certbot certonly --manual, but it says that "Certbot failed to authenticate some domains"

My domain is: 9.cr

I ran this command: certbot certonly --manual

It produced this output:
Certbot failed to authenticate some domains (authenticator: manual). The Certificate Authority reported these problems:
Domain: 9.cr
Type: dns
Detail: DNS problem: looking up A for 9.cr: DNSSEC: DNSKEY Missing; DNS problem: looking up AAAA for 9.cr: DNSSEC: DNSKEY Missing

Hint: The Certificate Authority failed to verify the manually created challenge files. Ensure that you created these in the correct location.

Some challenges have failed.

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu 22.04.3 LTS

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.21.0

Logs in the /var/log/letsencrypt/letsencrypt.log:
DEBUG:certbot._internal.display.obj:Notifying user: No renewals were attempted.
DEBUG:certbot._internal.display.obj:Notifying user: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
DEBUG:certbot._internal.renewal:no renewal failures
DEBUG:certbot._internal.main:certbot version: 1.21.0
DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
DEBUG:certbot._internal.main:Arguments: ['-q']
DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
DEBUG:certbot._internal.log:Root logging level set at 40
DEBUG:certbot._internal.display.obj:Notifying user:

DNSSEC is severely broken for your domain name.

See also e.g. 9.cr | DNSViz.


Hello @Krinix,

Adding to @Osiris, correct analysis:



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.