Still suffering from #1228 mixed case issue


#1

I’m having this same issue with apache. I’m not quite following enough to understand what I need to do to fix it. Is it based on my DNS server capabilities?

(I’m not allowed to link yet, but it’s github issue #1228)


#2

Just linking:


#3

Do your nameservers use mixed case ( upper and lower) for your domain name ?


#4

Does not look like an routing problem.
Maybe an routing issue to the name server ?

set type=ns
coolaj86.com
Server: UnKnown
Address: 127.0.0.1

Nicht autorisierende Antwort:
coolaj86.com nameserver = ns1.redirect-www.org
coolaj86.com nameserver = ns2.redirect-www.org

server ns1.redirect-www.org
Standardserver: ns1.redirect-www.org
Address: 192.241.238.7

Blog.coolaj86.com
Server: ns1.redirect-www.org
Address: 192.241.238.7

Blog.coolaj86.com nameserver = ns1.redirect-www.org
Blog.coolaj86.com nameserver = ns2.redirect-www.org
ns1.redirect-www.org internet address = 192.241.238.7
ns2.redirect-www.org internet address = 66.172.33.29

Blog.cOolaj86.com
Server: ns1.redirect-www.org
Address: 192.241.238.7

Blog.cOolaj86.com nameserver = ns1.redirect-www.org
Blog.cOolaj86.com nameserver = ns2.redirect-www.org
ns1.redirect-www.org internet address = 192.241.238.7
ns2.redirect-www.org internet address = 66.172.33.29


#5

I think that’s the domain name of the original issue 1228 ( closed ) … not the current posters domain ( unless I’m not understanding )


#6

My DNS is hosted on http://freedns.afraid.org/. They seem to resolve regardless of the case when I test them. @serverco correct, those aren’t my domain names. I’d rather not reveal mine at this time.


#7

Can you give us the command you are running ( with your domain name changed) and the exact errors it gives please ( again with domain name changed)

This is so we know what client you are using ( I’m assuming the main LetsEncrypt client, but don’t know ) and ehat arguments you are passing to it, as well as the exact error messages so we can help debug.


#8

Sure.

./letsencrypt-auto certonly --apache --email makaatman@|my domain| -d |my domain| --agree-tos

Failed authorization procedure. |my domain| (tls-sni-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No IPv4 addresses found for |my domain|

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: |my domain|
    Type: urn:acme:error:unknownHost
    Detail: No IPv4 addresses found for |my domain|


Letsencrypt not working on one of many domains
#9

Thanks - and does everything show up correctly ( no errors) is you check your domain at http://www.intodns.com/ or http://dnscheck.iis.se/ ?


#10

Just to add one more DNS checker to the list http://www.dnsstuff.com/ :wink:


#11

Always a good one :slight_smile: ( although I preferred it slightly when you didn’t need to sign up … that’s going back a few years though :wink: )


#12

I think you guys are pointing me in the right direction.

http://dnscheck.iis.se/ returned:
Delegation not found at parent.
Not enough nameserver information was found to test the zone |my domain|, but an IP address lookup succeeded in spite of that.

http://www.intodns.com/
Looks good for the parent domain name (they don’t check subdomains, maybe I should mention that I’m trying to apply for a cert that goes to a subdomain if it’s relevant.).
The only warning they had was:
Warn SOA MNAME entry WARNING: SOA MNAME (ns1.mydyndns.org) is not listed as a primary nameserver at your parent nameserver!

Also, I don’t think it matters, but the domain I’m trying to setup is on a natted address.


#13

It does sound as if this may be just a DNS setup issue.

The key thing is that your authoritative nameservers needs to provide the correct IP address. For subdomains I tend to use “dig” on a linux box, purely because that’s what I’m used to, to be able to check it. I’m trying to think of the best way to suggest for you to run the relevant checks and ensure your DNS records are all correct.

I’d start by editing your DNS zone file (assuming you can) and correcting the issue about your primary nameserver not being listed at your parent nameserver.

If you are happy to private message me your domain name, I’ll take a quick look


#14

@serverco Thanks for the offer. I am new to these forums but I can’t seem to see any way to send a private message. Maybe because I’m new? Is it possible for you to send one to me and I can reply?

Thanks!


#15

private message sent …


#16

Issue confirmed as not related to mixed case #1228 ( so that issue can remain closed).


#17

A post was merged into an existing topic: Third-party-Tools to check your configuration - Discussion


#18