My web server is (include version): Nginx
The operating system my web server runs on is (include version): Proprietary (Pantheon hosting)
My hosting provider, if applicable, is: Pantheon
I can login to a root shell on my machine (yes or no, or I don't know): not really...
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Proprietary (Pantheon hosting)
Lovely people, I know you helped me with a similar problem in the past, and it was found to rest on NetSol's shoulders, but I am merely looking for something to give the customer to use as ammo when they call(?) NetSol to ask that this be fixed. Sadly, I am not that versed in reading any of this...
I think that the fact that no CAA appears for either DNSViz (thanks for the trick regarding the advanced settings!) is telling, but I don't know how... Can anyone point me toward something I can either give the customer, or something I can point my dull brain at?
As always, thank you so so much!
Let's Debug results:
All OK! OK No issues were found with cyberthreatalliance.org. If you are having problems with creating an SSL certificate, please visit the Let's Encrypt Community forums and post a question there.
DNSLookupFailed FATAL A fatal issue occurred during the DNS lookup process for www.cyberthreatalliance.org/CAA. DNS response for www.cyberthreatalliance.org had fatal DNSSEC issues: validation failure <www.cyberthreatalliance.org. CAA IN>: nodata proof failed from 188.8.131.52 and 184.108.40.206
DNSViz's DNSSEC viewer, set to CAA only, is blank for both:
CAA record lookup (via Google) for both are differrent:
id 30505, opcode QUERY, rcode NOERROR, flags QR RD RA ;QUESTION cyberthreatalliance.org. IN CAA ;ANSWER ;AUTHORITY cyberthreatalliance.org. 1800 IN SOA NS9.WORLDNIC.COM. namehost.WORLDNIC.COM. 122042118 10800 3600 604800 3600 ;ADDITIONAL
id 4268, opcode QUERY, rcode SERVFAIL, flags QR RD RA ;QUESTION www.cyberthreatalliance.org. IN CAA ;ANSWER ;AUTHORITY ;ADDITIONAL
Unboundtest.com results for both:
Last lines: Apr 22 20:12:21 unbound[306927:0] info: validated DNSKEY cyberthreatalliance.org. DNSKEY IN Apr 22 20:12:21 unbound[306927:0] info: validate(positive): sec_status_secure Apr 22 20:12:21 unbound[306927:0] info: validation success cyberthreatalliance.org. CAA IN
Last lines: Apr 22 20:13:41 unbound[306931:0] info: reply from <cyberthreatalliance.org.> 220.127.116.11#53 Apr 22 20:13:41 unbound[306931:0] info: query response was nodata ANSWER Apr 22 20:13:41 unbound[306931:0] info: validate(nodata): sec_status_bogus