No valid IP addresses found


#1

Hi All,
I have a problem in creating SSL Certificate on Plesk Onyx with all domains hosted on my server 176.9.92.203
On my second server with different IP I have no problems.
Can you help me?
Thank you in advance

This is the error that Let’s Encrypt returns (example with www.artproject.it domain. It’s the same with all domains on this server):


Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for artproject.it
http-01 challenge for www.artproject.it
Starting new HTTPS connection (1): 127.0.0.1
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. artproject.it (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for artproject.it
IMPORTANT NOTES:

  • The following errors were reported by the server:

Domain: artproject.it
Type: unknownHost
Detail: No valid IP addresses found for artproject.it

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.


#2

there is something perculiar about the dns configuration and server.
When querying artproject.it (the parent zone to www.blah) there is no answer. Having no A/AAAA record there is okay, but not answering (in contrast to answering ‘nothing found’) is not.
Your DNS servers appear to be broken.


#3

How is it possibile? All the websites on server run with no problems, they all are reachable.
If you ping artproject.it everything seems to be ok.
What can I do, any suggestion?


#4

Start by getting the serial number in your SOA record fixed.
Currently it is:

artproject.it. 5940 IN SOA dns.technorail.com. hostmaster.artproject.it. 1 86400 7200 2592000 3600

the ‘1’ is just wrong. it should be something like

kitsune.dk. 3600 IN SOA ns1.quickdns.dk. hostmaster.quickdns.dk. 2016040904 14400 7200 2415600 3600

The ‘2016040904’ is the serial number of the zone, and yes it is supposed to be formatted like a date with an additional 2-digit count. It must be increased every time the zone is modified, so don’t set it to an arbitrarily huge value - that will cause really-hard-to-fix problems.

edit:

[root@cm3 blocktester]# ping artproject.it
ping: artproject.it: No address associated with hostname


#5

Problem solved by myself.
There was an error in setup of “@” in spite of a “blank” field needed by technorail provider.

Thank you very much for kind support.


#6

Yes, you have an A record in there now. Be aware that your zone is still broken, so when (not if) it works for some users and not others, you know where to fix it.


#7

An unusual serial number, even 1, is surprising but not inherently invalid.

Right now i have a zone with the serial number 1 (not a typical implementation, replication isn’t based on traditional zone transfers) and one with the serial number 2 (typical implementation, happens not to use date-based serial numbers, only modified once).


#8

I have same problem with www.dublin-constructionjobs.com.
Verify error:No valid IP addresses found for www.dublin-constructionjobs.com
But top domain dublin-constructionjobs.com verify was succesfull. DNS records are correct.
# nslookup www.dublin-constructionjobs.com
Server: 8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
www.dublin-constructionjobs.com canonical name = dublin-constructionjobs.com.
Name:   dublin-constructionjobs.com
Address: 52.16.160.97

#9

There are errors in your DNS - see http://dnsviz.net/d/www.dublin-constructionjobs.com/dnssec/


#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.