We are experiencing an odd issue with a client with the following error for the FQDN
'urn:acme:error:connection': DNS problem: SERVFAIL looking up A for clients.mishraservers.com
Only thing is though, we can’t reproduce this DNS response outside of the http-01 validation process.
I have tried from multiple locations to run
dig +trace clients.mishraservers.com a and the resolution is occuring correctly with status
NOERROR. Same with querying direct to its NS or to caching nameservers.
Would somebody with an internal view of Boulder be able to see what is happening?
Thank you kindly!
Your domain has some issues with DNSSEC (unboundtest.com mimics configuration of DNS resolvers used by Let’s Encrypt):
info: NSEC RRset for the referral proved not a delegation point
If you try checking your domain with DNSViz, which is pretty good DNSSEC diagnostic tool, you’ll also get errors:
It seems there are some problems with the way the domain is delegated.
Perfect! Thanks for unboundtest.com, that will be a great help in future cases.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.