My ssl is not working

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https:kingsvilles.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

    error: one or more domains had a problem:

[kingsvilles.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS
problem: SERVFAIL looking up A for kingsvilles.com - the domain's nameservers
Press [Enter] to continue:
may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for kingsvilles.com

• the domain's nameservers may be malfunctioning
  [www.kingsvilles.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS
  problem: SERVFAIL looking up A for www.kingsvilles.com - the domain's
  nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for
  www.kingsvilles.com - the domain's nameservers may be malfunctioning

Please check our documentation and support forums, we'll be happy to help!

• Bitnami Documentation: https://docs.bitnami.com
• Bitnami Community: GitHub - bitnami/vms: Bitnami Application Catalog VMs

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Welcome to the community @kingsville2

Yes, just as the error says your DNS config is failing. The DNSviz site shows your DNS servers are responding with REFUSED to nearly all requests. This ends up as a SERVFAIL to Let's Encrypt's servers.

As example, the unboundtest site uses DNS similar to Let's Encrypt servers. It is a good test for your DNS as you make changes. Look at the "status" at the top.

You need to correct your DNS.

Your SSL is not working...
Your HTTP is not working...
Your DNS is not working...

Start with DNS and work your way upwards.

Here is what little DNS information I was able to find with nslookup, just trying to assist with debugging.

$ nslookup
> kingsvilles.com
;; Got SERVFAIL reply from 75.75.75.75, trying next server
;; Got SERVFAIL reply from 74.82.42.42, trying next server
Server:         127.0.0.1
Address:        127.0.0.1#53

** server can't find kingsvilles.com: SERVFAIL
>

And https://unboundtest.com/m/CAA/kingsvilles.com/MSH65ACS
And 11 Errors here kingsvilles.com | DNSViz as @MikeMcQ already has shown above.

Here is what ICANN has to say

image1052×780 11.1 KB

$ nslookup
> server NS-CLOUD-E1.GOOGLEDOMAINS.COM
Default server: NS-CLOUD-E1.GOOGLEDOMAINS.COM
Address: 216.239.32.110#53
> kingsvilles.com
Server:         NS-CLOUD-E1.GOOGLEDOMAINS.COM
Address:        216.239.32.110#53

** server can't find kingsvilles.com: REFUSED
>

That list has E1-4 servers.
DNS shows D1-4 servers.

nslookup -q=ns kingsvilles.com a.gtld-servers.net
kingsvilles.com nameserver = ns-cloud-d1.googledomains.com
kingsvilles.com nameserver = ns-cloud-d2.googledomains.com
kingsvilles.com nameserver = ns-cloud-d3.googledomains.com
kingsvilles.com nameserver = ns-cloud-d4.googledomains.com

nslookup kingsvilles.com ns-cloud-d1.googledomains.com
Name:    kingsvilles.com
Address:  34.168.73.75

nslookup kingsvilles.com ns-cloud-e1.googledomains.com
*** UnKnown can't find kingsvilles.com: Query refused

Just more of an inconstancy issue.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.