My domain is:
lxsky.flibsy.com
I ran this command:
letsencrypt --dry-run renew (certbot is version 0.14.1)
It produced this output:
Domain: lxsky.flibsy.com
Type: connection
Detail: DNS problem: SERVFAIL looking up A for lxsky.flibsy.com
My web server is (include version):
Apache/2.4.6
The operating system my web server runs on is (include version):
CentOS 7
My hosting provider, if applicable, is:
www.hetzner.de
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
As visible above, letsencrypt refuses to renew a domain which is currently in use. What could be wrong here?
rg305
2
doesn't resolve to any IP.
[edit]
most global DNS systems can't (yet) resolve the nameservers for that domain. (a few can)
maybe in a few hours global DNS will sync...
The domain must be very new: flibsy.com whois lookup - who.is
Strange … the domain was registered in February, and works fine here.
What I did is I migrated to different DNS-servers end of last week.
Strange that this does not seem to be propagated yet.
Even then, the “old” DNS-servers had the same configuration.
[yves@yves ~]$ host -a flibsy.com
Trying “flibsy.com”
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6721
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;flibsy.com. IN ANY
;; ANSWER SECTION:
flibsy.com. 86376 IN RRSIG DS 8 2 86400 20170707045614 20170630034614 27302 com. DRzXPdZQtW+eDG2mRrnAzwBWWvXMsJRUZd+EtQXktifrM7f4iSnCFqaQ G3Si2f1BMcQoolqHxEbRWz0GGccV024WanHV9gLHjDhS3EDpKh2oXZJH 8U6h7TTjQdwZMxjdrFOPhRK64IxhygMlBoXbXZEF9h6+0Ju2jneFbUW9 jEM=
flibsy.com. 86376 IN DS 36271 8 1 903D30E53CDD130155B3DA04ADEA75BF8FFB2EC3
flibsy.com. 86380 IN NS ns1.eurodns.com.
flibsy.com. 86380 IN NS ns3.eurodns.com.
flibsy.com. 86380 IN NS ns4.eurodns.com.
flibsy.com. 86380 IN NS ns2.eurodns.com.
[yves@yves ~]$ host -a lxsky.flibsy.com
Trying “lxsky.flibsy.com”
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50844
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;lxsky.flibsy.com. IN ANY
;; ANSWER SECTION:
lxsky.flibsy.com. 3576 IN A 78.46.225.225
rg305
4
to see what some others see, try:
host -a flibsy.com 8.8.8.8
host -a lxsky.flibsy.com 8.8.8.8
yglodt
6
Thanks for all your comments. I removed the broken DNSSEC and now it works.
1 Like
system
Closed
7
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.