I'm 99% certain this was a temporary issue, possibly maintenance by Media Temple. Hopefully it's fully resolved now. 
If you run into this issue with any of your other domain names, please let us know. I don't like unsolved puzzles. 
4 Likes
It happened again today on an auto-renew of a domain that has not changed in a year. That means it's definitely not browser cache.
1 Like
- 'Lets Encrypt certificate' [days to expire: 29]
[-] hosting.unexpectedcreative.com
Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/14675467559.
Details:
Type: urn:ietf:params:acme:error:dns
Status: 400
Detail: DNS problem: query timed out looking up A for hosting.unexpectedcreative.com
1 Like
I ran some sanity checks.
Though there is currently a partial service disruption:
https://letsencrypt.status.io/
I checked with the Let's Encrypt staff who promptly reported that the nature of the disruption is unrelated to the problem you're seeing. I also haven't seen any other Media Temple users here in the past couple of weeks reporting related problems.
The staff did indicate that Media Temple might be rate-limiting Let's Encrypt's resolvers. This could be due to high traffic relating to many Media Temple users trying to request Let's Encrypt certificates in relatively short order.
Let's Debug did not report any errors:
DNSViz did not report any errors:
https://dnsviz.net/d/hosting.unexpectedcreative.com/dnssec/
Unbound DNS checker results:
https://unboundtest.com/m/A/hosting.unexpectedcreative.com/NP6AQGL5
Please recontact Media Temple and share these results and considerations. Hopefully we can reach a resolution that will be beneficial for you as well as many other Media Temple users.
This might be helpful:
https://dnssec-analyzer.verisignlabs.com/hosting.unexpectedcreative.com
1 Like
@joefino do you resolve this for good? I tried on another browser and still got the same error and can't solved. for now I'm using a ZeroSSL certificate (manually installed) before trying to renew again...
I'm using MT as well and they said they can't provided support on third-part plugins or tools, so it's on us here....
1 Like
It works when it wants to. Switching browsers wasn't a fix. And I am hearing the same thing from MT — it's 3rd party so it's on us.
1 Like
I'm not quite sure how MT's nameserver failures are a third party problem. 
1 Like
So I opened a help ticket about a week ago with MT to get the issue escalated and they have informed me just now that everything has been resolved. I reissued a cert on a site I had trouble with and it went through with no problem. Let's hope it holds.
3 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.