I need Help, cant renew certificate!

mnordhoff · December 26, 2018, 10:51pm

I'm concerned. None of ma.gov.br's nameservers support TCP, but their DNSKEY record set is close to 1.2 KB.

Let's Encrypt is unable to resolve -- let alone issue certificates for -- anything under ma.gov.br.

Let's Encrypt made the EDNS buffer size change on 2018-11-15, and haven't issued a certificate for the zone since 2018-11-14.