Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https:kingsvilles.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
error: one or more domains had a problem:
[kingsvilles.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS
problem: SERVFAIL looking up A for kingsvilles.com - the domain's nameservers
Press [Enter] to continue:
may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for kingsvilles.com
- the domain's nameservers may be malfunctioning
[www.kingsvilles.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS
problem: SERVFAIL looking up A for www.kingsvilles.com - the domain's
nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for
www.kingsvilles.com - the domain's nameservers may be malfunctioning
Please check our documentation and support forums, we'll be happy to help!
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):
Welcome to the community @kingsville2
Yes, just as the error says your DNS config is failing. The DNSviz site shows your DNS servers are responding with REFUSED to nearly all requests. This ends up as a SERVFAIL to Let's Encrypt's servers.
As example, the unboundtest site uses DNS similar to Let's Encrypt servers. It is a good test for your DNS as you make changes. Look at the "status" at the top.
You need to correct your DNS.
Your SSL is not working...
Your HTTP is not working...
Your DNS is not working...
Start with DNS and work your way upwards.
Here is what little DNS information I was able to find with nslookup, just trying to assist with debugging.
;; Got SERVFAIL reply from 22.214.171.124, trying next server
;; Got SERVFAIL reply from 126.96.36.199, trying next server
** server can't find kingsvilles.com: SERVFAIL
And 11 Errors here kingsvilles.com | DNSViz as @MikeMcQ already has shown above.
Here is what ICANN has to say
> server NS-CLOUD-E1.GOOGLEDOMAINS.COM
Default server: NS-CLOUD-E1.GOOGLEDOMAINS.COM
** server can't find kingsvilles.com: REFUSED
That list has E1-4 servers.
DNS shows D1-4 servers.
nslookup -q=ns kingsvilles.com a.gtld-servers.net
kingsvilles.com nameserver = ns-cloud-d1.googledomains.com
kingsvilles.com nameserver = ns-cloud-d2.googledomains.com
kingsvilles.com nameserver = ns-cloud-d3.googledomains.com
kingsvilles.com nameserver = ns-cloud-d4.googledomains.com
nslookup kingsvilles.com ns-cloud-d1.googledomains.com
nslookup kingsvilles.com ns-cloud-e1.googledomains.com
*** UnKnown can't find kingsvilles.com: Query refused
Just more of an inconstancy issue.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.