Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:app-dev.sec.usace.army.mil
I ran this command:certbot --apache
It produced this output:Waiting for verification...
Challenge failed for domain app-dev.sec.usace.army.mil
http-01 challenge for app-dev.sec.usace.army.mil
Cleaning up challenges
Some challenges have failed.
The following errors were reported by the server:
Detail: DNS problem: SERVFAIL looking up CAA for sec.usace.army.mil
- the domain's nameservers may be malfunctioning
My web server is (include version): apache 2.4
The operating system my web server runs on is (include version): redhat 7
My hosting provider, if applicable, is:aws
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot):certbot 1.7.0
this was all working for the last few months now its hosed. uninstalled /removed all files /reinstalled
dns is fine nslookup app-dev.sec.usace.army.mil
app-dev.sec.usace.army.mil canonical name = ec2-3-213-47-79.compute-1.amazonaws.com.
not sure how I hosed it..have other servers that work fine ..just renewed another .sec domain server this week
now I get the rate limit error..sigh