Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Requesting a certificate for gitlab.pojagi.org and 2 more domains
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: www.pojagi.org
Type: dns
Detail: DNS problem: SERVFAIL looking up CAA for www.pojagi.org - the domain's nameservers may be malfunctioning
Domain: gitlab.pojagi.org
Type: dns
Detail: DNS problem: SERVFAIL looking up A for gitlab.pojagi.org - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for gitlab.pojagi.org - the domain's nameservers may be malfunctioning
Domain: mealie.pojagi.org
Type: dns
Detail: DNS problem: SERVFAIL looking up A for mealie.pojagi.org - the domain's nameservers may be malfunctioning; no valid AAAA records found for mealie.pojagi.org
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
My web server is (include version):
nginx version: nginx/1.22.1
The operating system my web server runs on is (include version):
DNSLookupFailed
Fatal
A fatal issue occurred during the DNS lookup process for www.pojagi.org/AAAA.
DNS response for www.pojagi.org/AAAA could not be resolved within the timeout. This may indicate slow or unresponsive nameservers
This is a failure of your DNS Servers (and / or their configuration).
This all started when I wanted to add "mealie" (a self-hosted recipe management app) as a subdomain. I let certbot manage the nginx conf, which it does great. I looked back at the last time the cron job ran, and it looks like there are 51 days left on the last one which included gitlab and some other subdomains I don't want anymore.
I looked again at the certbot installation instructions, and it looks like the way I've installed it is out of date, so I'm reinstalling via pip in a virtualenv. That shouldn't have any effect on this, though, right?
I suggest contacting GoDaddy and see what they say about ns59.domaincontrol.comns60.domaincontrol.com not responding properly for DNS Authoritative Name Servers.
DNSLookupFailed
Fatal
A fatal issue occurred during the DNS lookup process for duckdns.org/CAA.
DNS response for duckdns.org/CAA could not be resolved within the timeout. This may indicate slow or unresponsive nameservers
When did you add duckdns as a DNS provider? Because we have seen repeated problems with people using their service in recent weeks. And, it looks like you are also suffering from that: