Let´s encrypt Refuse my domains

I have these domains:

betexpert365.xyz
foretagslan.xyz

I have a total of over 50 different domains on a VPS server with Contabo. It runs on CentOS 8, and I have Plesk Obsidan Web Host Edition. Let´s encrypt tells me that certificates can not be created. The reason is betexpert365.xyz might be blacklisted.

I just registered that domain 1 day ago. That is impossible. If it is blacklisted, please take care of the issue and remove the domain from the blacklist.

For forteagslan.xyz I get another reason. Below is the single error report for the specific domain:
Could not issue an SSL/TLS certificate for foretagslan.xyz
Details

Could not issue a Let’s Encrypt SSL/TLS certificate for foretagslan.xyz . Authorization for the domain failed.

Details

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914528738.

Details:

Type: urn:ietf:params:acme:error:dns

Status: 400

Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning

Below is the total error report attach for both of the domains.
One or more errors occurred:

  • [2020-07-16 11:44:33.595] ERR [extension/letsencrypt] The execution of cli.php has failed with the following message: [2020-07-16 11:44:33.570] ERR [extension/letsencrypt] Domain validation failed for foretagslan.xyz: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning [2020-07-16 11:44:33.575] ERR [extension/letsencrypt] Domain validation failed: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning The execution of cli.php has failed with the following message: [2020-07-16 11:44:33.570] ERR [extension/letsencrypt] Domain validation failed for foretagslan.xyz: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning [2020-07-16 11:44:33.575] ERR [extension/letsencrypt] Domain validation failed: Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/5914446616. Details: Type: urn:ietf:params:acme:error:dns Status: 400 Detail: DNS problem: SERVFAIL looking up A for foretagslan.xyz - the domain’s nameservers may be malfunctioning
  • [2020-07-16 11:44:35.117] ERR [extension/letsencrypt] The execution of cli.php has failed with the following message: Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order. Details: Type: urn:ietf:params:acme:error:rejectedIdentifier Status: 400 Detail: Error creating new order :: Cannot issue for “betexpert365.yxz”: Domain name does not end with a valid public suffix (TLD) (and 2 more problems. Refer to sub-problems for more information.) The execution of cli.php has failed with the following message: Invalid response from https://acme-v02.api.letsencrypt.org/acme/new-order. Details: Type: urn:ietf:params:acme:error:rejectedIdentifier Status: 400 Detail: Error creating new order :: Cannot issue for “betexpert365.yxz”: Domain name does not end with a valid public suffix (TLD) (and 2 more problems. Refer to sub-problems for more information.)
1 Like

Hi @Masse

your configuration is buggy, there is no blacklisting.

Cannot issue for “betexpert365.yxz”: Domain name does not end with a valid public suffix (TLD)

It’s xyz, not yxz.

And your other domain:

There is a refused answer - https://check-your-website.server-daten.de/?q=foretagslan.xyz

Host Type IP-Address is auth. ∑ Queries ∑ Timeout
foretagslan.xyz Refused yes 1 0
www.foretagslan.xyz Refused yes 1 0

So it’s impossible to find an ip address.

Looks like your DNS configuration is broken.

1 Like

Ops! Thanks! I totally missed that. Guess I went blind after registering many today. :laughing:

The other one I will check up, but have looked at the DNS many times. However, I can take it away from my VPS DNS management and re-register it. Thanks for the help and input. i let you know if that one works as well.

betexpert365.xyz worked like a charm. :slight_smile:

1 Like

Hi again @JuergenAuer

I re registered foretagslan.xyz, and I think it went ok. Unfortunately I got the response that I reached the rate limit. Is that something that will go away after some time, so I can try again?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.