.news and .org has problems giving a certificate

kargalettalolitadavi · December 8, 2020, 12:35am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
thelegalusa.news
thelegalusa.org

I have had the same problems using cloud vps; then changing to another vps; then trying to get the ssl certificate for a shared webhosting and nothing is working.

It extremely difficult to write anything on here.

rg305 · December 8, 2020, 12:47am

Hi and welcome to the LE community forum!

If you could answer these questions below (and add any other information you may find relevant) you will be better served:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

rg305 · December 8, 2020, 12:53am

In the meantime, you could review your zone DNS configuration:
DNS Spy report for thelegalusa.org

kargalettalolitadavi · December 8, 2020, 1:47am

I have the domain names:
thelegalusa.news
And I have another domain name as:
thelegalusa.org

Neither tlds .news or .org will allow an ssl certificate from lets encrypt.
I also have thelegalusa.com, thelegalusa.net, and thelegalusa.info.

Those tlds don't have a problem with any requests for an ssl certificate from Lets Encrypt. So is there a problem with the other tlds where Lets Encrypt doesn't not encrypt for those tlds?

schoen · December 8, 2020, 2:35am

Nope, they're fine! You just haven't set an A (address) record in DNS for those domains, unlike your other domains. The .news and .org domains only have MX records for e-mail, but are missing the A records which for your other domains point to 8.12.16.118.

kargalettalolitadavi · December 8, 2020, 6:11pm

I originally had them with my vps server for that ip address and it kept failing. It would see/check the dns record, but would not go through. Cloudways could not figure out why either so I tried using a different ip address for a different hosting and it still did not work for .news or .org. I do not know if it's because I recently bought those domain names and namecheap has privacy guard on them, without my permission. However, I bought . info from a different registrar and I was not having that problem.

rg305 · December 8, 2020, 6:27pm

I don't think privacy guard has anything to do with this problem.
You need to verify DNS first.

schoen · December 9, 2020, 1:45am

Agreeing with @rg305 — if you can get the DNS records fixed so that they actually point at your server, then there could potentially be another problem (that we could try to help diagnose), but the validation can't proceed at all while the DNS A records are missing.

system · January 8, 2021, 1:53am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.