SSL is not getitng issued on WWW URL


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

We are trying to install SSL on but getting below errors
: [Wed Jul 11 14:12:39 IST 2018] error:DNS problem: SERVFAIL looking up A for

DNS are proper for the domain still facing issues.

My web server is (include version): Tomcat

The operating system my web server runs on is (include version): CentOS 6

My hosting provider, if applicable, is: Milesweb

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Webuzo


Hi Manish,

The reason is probably due to your domain’s nameservers sending bogus NS records.

Your actual nameservers are as follows:          172800  IN      NS          172800  IN      NS

However, when making an inquiry at those nameservers, they are giving an incorrect referral to other nameservers:

$ dig +noall +authority          3600    IN      NS          3600    IN      NS

Those two nameservers (21 and 22), don’t actually contain the zone data for your domain, and give a REFUSED response code.

What’s happening (probably) is that Let’s Encrypt is picking up those two referrals to ns21 and n22, except when it tries to use them, it gets a REFUSED, which leads to the SERVFAIL.

So what you should do is locate those two incorrect NS records and either remove them or amend them to the correct nameservers (ns51 and ns52).


Thanks for the details.

I will check the DNS settings of the domain and see if it works.

Thanks again.


Hi .There is an easy way to get an SSL certificate from lets-encrypt via zerossl. If you are interested here is a guide.


…which won’t help in the least if the DNS entries are messed up.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.