I'm trying to see if there's anything further I can do to troubleshoot this issue. It appears my BIND9 DNS server isn't able to contact LetsEncrypt, however it can do NSLOOKUPs just fine
My domain is: abc.int
I ran this command: certbot certonly --manual --preferred-challenges dns
It produced this output:
Failed authorization procedure. abc.int (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.abc.int
Detail: DNS problem: NXDOMAIN looking up TXT for _acme-challenge.abc.int
The operating system my web server runs on is (include version): Fedora 29 ARM64
My hosting provider, if applicable, is: Internal DNS
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 0.28.0
Are you sure you actually own abc.int domain? If Iām not mistaken, .int is supposed to be reserved for the international treaty-based organisations and itās rather expensive. Also abc.int does not seem to be registered. Based on your mentioning āInternal DNSā as the hosting provider and saying āmy BIND9 DNS serverā, perhaps thatās just the domain name you came up with?
You may use that domain name with your internal server. But I don't see that you are the public owner of that domain. So you can't get a certificate with that domain name.