I can't reg ssl for domain biahoithudo.com

Dear sir,
I have tried many times registering ssl letsencrypt.org for the domain biahoithudo.com
But can't register
Could you please check if letsencrypt.org blocks the domain biahoithudo.com?
I'm looking forward your reply

It's not blocked.

Your domain's DNSSEC settings however, are broken, which would prevent the issuance process from succeeding:

Maybe try disabling DNSSEC on your domain, or go through the DNSSEC setup process again.

6 Likes

See also biahoithudo.com | DNSViz for a more visual view of the DNSSEC issue.

5 Likes

Thank you for your reply
Can you guide me how to install DNSSEC or buy DNSSEC?

1 Like

Thank you for your reply
Can you guide me how to install DNSSEC or buy DNSSEC?

1 Like

This is something you'll need to ask your DNS host, as it's different for every host.

7 Likes

It should all be available in the configuration panel of your DNS provider. If not, indeed, the next thing to do is ask your DNS provider.

5 Likes

@vodjsc since FAQ - Let's Encrypt Let’s Encrypt offers Domain Validation (DV) certificates.
General steps to utlize Let's Encrypt service:

  • Understand Domain Names and Domain Name Services
  • Get a Domain Name and have control over it
  • Add DNS RR Records as needed
  • Make sure the Domain Name's DNS is working correctly
  • Enable DNSSEC
  • Recheck the Domain Name's DNS is working correctly
  • Get your server connected and enable only the services you wish to provide
  • Test using an Internet viewable location, like you cellphone with Wi-Fi turned OFF
  • Now decide what type of Domain Validated Certificate you want; Wildcard, muliti domain, single domain
  • Choose the Domain Validation Challenge based off of your previous choice. There are only 3 to choose from: HTTP-01, DNS-01, TLS-ALPN-01. Challenge Types - Let's Encrypt
  • Open Ports based on the nessary for the challenge type and services you wish to offer
  • Choose an ACME Client and install it ACME Client Implementations - Let's Encrypt
  • Test using Staging Environment - Let's Encrypt
  • Utilize https://letsdebug.net/ to assist testing.
  • Search this forum for the many additional debugging and testing tools; and most importantly the wealth of valuable knowledge, solutions, and experience & expertise
5 Likes

Alternatively, I might try to simplify this to:

(1) Get a domain name and have control over it
(2) Choose a hosting provider/hosting environment that supports Let's Encrypt well
(3) Set up your web site using that provider or environment, and get a Let's Encrypt certificate automatically :slight_smile:

Most difficulties that people run into seem to involve

  • using hosting providers or environments that are uncooperative with Let's Encrypt (that lack a Let's Encrypt integration and also don't give the user administrative access)
  • or where people are trying to use Let's Encrypt certificates on personally-hosted devices (like on a home Internet connection) while being unfamiliar with system administration and networking setup, or where their residential ISP doesn't allow this.
7 Likes

Yes, you are correct @schoen; I was in the context of the above quote. :slight_smile:

6 Likes

Without complicating things, you can try disable DNSSEC, wait a short while, and try issue the certificate again.

If you own the domain and registered it domain with name.com (which it appears to be the case), you can follow the following instructions to disable DNSSEC:

Managing DNSSEC | Name.com.

8 Likes

My domain name is currently DNS at cloudflare.com
So can I install DNSSEC?

The domain name I registered at name.com
But Name does not support DNSSEC so I changed the domain DNS to Cloudflare
My domain name is currently DNS at Cloudflare.com
So how do I configure DNSSEC?
Please help

The domain name I registered at name.com
But Name does not support DNSSEC so I changed the domain DNS to Cloudflare
My domain name is currently DNS at Cloudflare.com
So how do I configure DNSSEC?
Please help

I don't see Cloudflare DNS involved. What did you do to change it?

Because dnsviz, unboundtest, and Let's Debug still report the same errors as before
https://dnsviz.net/d/biahoithudo.com/dnssec/
https://unboundtest.com/m/A/biahoithudo.com/DL2CHEVS

6 Likes

The domain name I registered at name.com
But Name does not support DNSSEC so I changed the domain DNS to Cloudflare
My domain name is currently DNS at Cloudflare.com
So how do I configure DNSSEC?
Please help

1 Like

Maybe it's dns update slow
I just changed my DNS to cloudflare
Please help me check again

Check these:

https://developers.cloudflare.com/dns/additional-options/dnssec

https://www.mondoze.com/guide/kb/understanding-and-configuring-dnssec-in-cloudflare-dns

https://www.cloudflare.com/dns/dnssec/how-dnssec-works/

https://developers.cloudflare.com/registrar/account-options/enable-dnssec

Feel free to add additional related links to the list.

7 Likes

The first step is to disable DNSSEC at Name.com. You need to do this because your current DNSSEC configuration is invalid.

Then, if you want to enable DNSSEC again, you can start from the beginning by following the instructions at Cloudflare.

8 Likes

Awesome, I did it
https://dnsviz.net/d/biahoithudo.com/dnssec/
I have installed letsencrypt SSL
Thank you very much
Wishing the best for you.

3 Likes