[solved] The server could not connect to the client to verify the domain :: Server failure at resolver

Hi,

Running multiple servers with multiple domains each. Everything perfect, except when I try to get a certificate for two domains (each on a different server) with the .co.bw TLD.

Both throw the above error: “Server failure at resolver”.
DNS issue? Both domains are visible and working. Both domains have DNS properly configured according to mxtoolbox.com and dnsstuff.com.

Any hints what might cause it?

I’m having the same issue for domain ldap.nics.cc, https://github.com/letsencrypt/boulder/issues/1308

I wonder which DNS resolver LE uses, since dig +trace @8.8.8.8 ldap.nics.cc returns the right answer.

getting closer to resolution :slightly_smiling:

dig “+trace” and unbound

solved :slightly_smiling:

After reading the above document I realised it’s not the DNS resolution per se that’s at fault (hence mxtoolbox and dnsstuff all cool) but the initialisation of the DNS query on my own servers can’t do what needs to be done!

Although we use external DNS servers, our servers’ Plesk DNS was configured as Master. (!?!)
I switched Plesk’s DNS to act as slave server, configured the 4 external DNS servers as Masters, and voilà, all working :slightly_smiling: