Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:projetnudite.victorvandijk.nl
I ran this command: I ran the ‘new certificate’ procedure from within my ISP
It produced this output:
Could not validate the choosen hostname for the certificate. No certificate issued.
My web server is (include version): I don’t know
The operating system my web server runs on is (include version): I think it’s Windows, but I’m not sure…
My hosting provider, if applicable, is: mijnhostingpartner.nl
I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): MSP - I think??
It’s one thing to provide the bare minimum with Let’s Encrypt and refuse to help with issues.
But if Let’s Encrypt is failing because of the DNS issues, it’s their responsibility to fix them anyway.
I’m using a validating resolver, so I can’t open https://projetnudite.victorvandijk.nl/ in a web browser. It needs to be fixed whether or not Let’s Encrypt is involved.
Curiously, victorvandijk.nl response appears to (at least partially, in the authority section) be bogus. Both Google and Cloudflare public resolvers SERVFAIL for the CAA record, and Unbound thinks the authority section/SOA RR is bogus.
I wonder if Let’s Encrypt should be checking for any of the RRs to be bogus, not just the answer RRs.
Two of the nameservers are still inaccessible even after the host (partially) fixed the other DNSSEC issues, heh. I’d move my domain somewhere else if I was OP.
I wrote my last post after confirming that projetnudite.victorvandijk.nl was working, including the SOA and the CAA negative response, and ignoring those 2 nameservers being down, but I just assumed victorvandijk.nl was also still working.