Let's Encrypt resolve domain to wrong IP-number

stringkiller · March 9, 2022, 7:18am

NOTE! All theses three domains point with an A-record to 212.112.53.238
but the resulting errror message for all three are the same errournous ip [209.99.64.53] which belongs to datafoundry.com.

My domain is:ymex.net, gateware.com, mailcoach.com

I ran this command: cerbot in Let'encrypt plugin for hassio

It produced this output:
Detail: Invalid response from http://ymex.net/.well-known/acme-challenge/3xCB74Gv8kCmdAWNcFb85Q5yklH3u6x4m24d27-zRDg [209.99.64.53]: "\n\n404 Not Found\n\n

Not Found

\n<p"

My web server is (include version):
cerbot via Let'encrypt plugin for Home Assistant

The operating system my web server runs on is (include version):
bsd, Raspbery Pi4b

My hosting provider, if applicable, is:
Ourselfs, Ymex AB

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

It's part of a automatic environment so not accessible

Please help, explain
Regards
Stig Andersson

Osiris · March 9, 2022, 7:20am

No, they don't.. ymex.net points to 209.99.64.52 and the other 2 point to 209.99.64.53 as resolved by the Let's Encrypt resolver.

You can check yourself by running:

dig +trace ymex.net

Looking at the result of the trace and specifically the hostname of the authorative nameserver:

ymex.net.		300	IN	A	209.99.64.52
;; Received 53 bytes from 209.99.64.52#53(ns1.mydomaincom-expired.domainparkingserver.net) in 205 ms

Did you pay your fees for your domain? As it seems to be parked.

stringkiller · March 9, 2022, 8:05am

Interresting result. Yes, the ymex.net domain had expired, but has been renwed (if you check the whois). Strangely enough - they have not set nameservers back after renewal.

Anyway, check any of the other domains, mailcoach.com or gateware.com. The resulting IP is the same.
Nameservers are ns.ymex.se and ns.ymex.net which we are located in house and under our control.

stringkiller · March 9, 2022, 8:07am

dig gateware.com

; <<>> DiG 9.2.1 <<>> gateware.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7096
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;gateware.com. IN A

;; ANSWER SECTION:
gateware.com. 13798 IN A 212.112.53.238

;; AUTHORITY SECTION:
gateware.com. 18117 IN NS ns.ymex.net.
gateware.com. 18117 IN NS ns.ymex.se.

;; ADDITIONAL SECTION:
ns.ymex.se. 268 IN A 212.112.53.229
ns.ymex.net. 133339 IN A 212.112.53.254

;; Query time: 11 msec
;; SERVER: 212.112.34.12#53(212.112.34.12)
;; WHEN: Wed Mar 9 09:06:50 2022
;; MSG SIZE rcvd: 127

Osiris · March 9, 2022, 8:53am

It seems to be up and running again currently indeed.

You could try to get a certificate again now

system · April 8, 2022, 8:53am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.