Not able to renew my certs

My domain is: namankanabroad.in

I ran this command: php bin/acme issue --domains namankanabroad.in:www.namankanabroad.in --path /home/u964760788/domains/namankanabroad.in/public_html:/home/u964760788/domains/namankanabroad.in/public_html --server letsencrypt

It produced this output: Kelunik\Acme\AcmeException: Couldn’t resolve the following domains to an IPv4 nor IPv6 record: 0, 1

Amp\Dns\ResolutionException: All query attempts failed for namankanabroad.in: No response for ‘namankanabroad.in’ (A) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53, No response for ‘namankanabroad.in’ (AAAA) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53

Amp\Dns\ResolutionException: All query attempts failed for www.namankanabroad.in: No response for ‘www.namankanabroad.in’ (A) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53, No response for ‘www.namankanabroad.in’ (AAAA) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53 in /home/u964760788/acme-client/src/Commands/Issue.php:186

My web server is (include version): Apache 2.4

The operating system my web server runs on is (include version): Debian

My hosting provider, if applicable, is: hostinger.in

I can login to a root shell on my machine (yes or no, or I don’t know): I dont know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @kprabhat

checking your domain you have A-records - https://check-your-website.server-daten.de/?q=namankanabroad.in

Host T IP-Address is auth. ∑ Queries ∑ Timeout
namankanabroad.in A 156.67.222.155 Singapore//Singapore (SG) - HOSTINGER SG No Hostname found yes 2 0
AAAA yes
www.namankanabroad.in C namankanabroad.in yes 1 0
A 156.67.222.155 Singapore//Singapore (SG) - HOSTINGER SG No Hostname found yes

But that

looks that you use an internal dns server on your local machine - 127.0.0.1:53, that’s unusual.

That dns server doesn’t work, so the tool can’t find the correct A record.

Same with

telnet 153.92.2.25 53

there is no answer of that server. That server 153.92.2.25 is online, but no answer (port 80, 53, 443, 465 checked manual).

So fix your local dns setup or ask your hoster.

tracert acme-v02.api.letsencrypt.org

must find the correct ip address and should work.

Hi @JuergenAuer
Thanks a lot for replying. Actually i am new to all this. Can u please say me in detail, how to handle this. I am not able to understand that what is internal dns and from where i have to remove that.
Please help me bro.

Such an internal dns server is very unusual.

So there are two options:

  • Your hoster has installed it -> ask your hoster
  • you have installed it -> so remove it or configure it, so it works.

It’s not a certificate problem, it’s an unknown, buggy local configuration you have to fix.

PS: There

Yeah its a shared hosting. I am using plesk.

This topic:

Looks like there is a mess of different tools.

Hello, I’m having the same problem. I’m using the same command as each time I must renew (could’t do it automatically), but this time didn’t work. It’s the same error. I read everything but didn’t understand what can I do.

Can you help me?

This is the error:

-bash-4.1$ php acme-client/bin/acme issue --domains elregaloquemola.es:www.elregaloquemola.es --path /home/u361353772/public_html:/home/u361353772/public_html --server letsencrypt*

Amp\MultiReasonException: Multiple errors encountered in /home/u361353772/acme-client/vendor/amphp/amp/lib/functions.php:413*

Next Amp\Dns\ResolutionException: All query attempts failed for acme-v01.api.letsencrypt.org: No response for 'acme-v01.api.letsencrypt.org' (A) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53, No response for 'acme-v01.api.letsencrypt.org' (AAAA) from any nameserver after 2 attempts, tried udp://127.0.0.1:53, udp://153.92.2.25:53 in /home/u361353772/acme-client/vendor/amphp/dns/lib/BasicResolver.php:147*

Next Amp\Artax\DnsException: Resolving the specified domain failed: 'acme-v01.api.letsencrypt.org' in /home/u361353772/acme-client/vendor/amphp/artax/lib/DefaultClient.php:422*

Next Kelunik\Acme\AcmeException: Could not obtain directory: Resolving the specified domain failed: 'acme-v01.api.letsencrypt.org' in /home/u361353772/acme-client/vendor/kelunik/acme/lib/AcmeClient.php:213*

Hi @McZhy,
I was not able to renew the certificates with putty. So i tried sslforfree.com and got the same letsencrypt ssl, just in seconds. Its very easy. Just verify your domain with ftp account or dns zone and all set. Get your ssl in few seconds.
If you will face any issue, feel free to be in touch. Hope it will help you to resolve your issue.

1 Like

Hi @McZhy

same question: Why is there a not working local DNS server?

And that client

is two years old.

No update, no upgrade to ACME v2.

ACME v1 is deprecated, new registrations aren’t possible.

But that doesn’t explain why there is a local, not working dns server.

Hi @JuergenAuer

I don’t know why, always worked before.

I followed a Hosting tutorial to install ACME first time, but I didn’t found any to upgrade, maybe part of the problem.

Thanks for helping.

Hi @kprabhat

I tried your solution and it works really well.

It’s simplest for me to use this than using console, so thank you so much.

2 Likes

Of your hoster? Then that’s the problem. A hoster can install local dns server. But if these don’t work, it’s the problem of that hoster.

Yes, from my hoster. Maybe they changed something since last cert update and didn’t document it or I didn’t found anything about. It’s Hosting.

1 Like

Letsencrypt has changed something:

ACME v1 is deprecated

And the CDN has changed:

Looks like there are some hard coded ip addresses used, so the dns client can’t find the api endpoint.

–>> Ask your hoster.

Ok, thanks @JuergenAuer

Finally I will use slforfree.com solution, easy for me.

Thank you for answers. :wink:

2 Likes