The server could not resolve a domain name

mf_bln · November 5, 2015, 10:51pm

Hello,

i get the following error message if i try to get an certificate.

Failed authorization procedure. www.leinwand-bilder.com (http-01): unknownHost :: The server could not resolve a domain name :: No IPv4 addresses found for www.leinwand-bilder.com

The DNS resolution is still ok, but why letsencrypt could not resolve this dns name?

Best regards
Dirk

mf_bln · November 6, 2015, 7:57pm

Hello,

today i receive the same error. How can i contact the sysadmins from Let’s Encrypt?

The DNS A record is correct and works. The problem is by Let’s Encrypt.

Best regards
Dirk

mf_bln · November 6, 2015, 8:05pm

May be there is a problem with captital letters in an A record?

www.LEINWAND-BILDER.COM. 3600 IN A 82.211.34.132

mf_bln · November 7, 2015, 1:01pm

Hello,

all responsible DNS Server answer with the correct A record.

Why i still get the error: “Failed authorization procedure. www.leinwand-bilder.com (http-01): unknownHost :: The server could not resolve a domain name :: No IPv4 addresses found for www.leinwand-bilder.com”

Why i don’t receive an answer? The certificate is only 90 days signed and if there are problems with dns in the future nobody can help? Hmm, so i can not use Let’s Encrypt certificates, because i need my site 24/7 hours with ssl support.

nslookup www.leinwand-bilder.com ns1.core-networks.de

Server: ns1.core-networks.de
Address: 194.213.5.254#53

Name: www.LEINWAND-BILDER.COM
Address: 82.211.34.132

nslookup www.leinwand-bilder.com ns3.core-networks.com

Server: ns3.core-networks.com
Address: 82.96.73.254#53

Name: www.LEINWAND-BILDER.COM
Address: 82.211.34.132

nslookup www.leinwand-bilder.com ns2.core-networks.eu

Server: ns2.core-networks.eu
Address: 78.111.72.98#53

Name: www.LEINWAND-BILDER.COM
Address: 82.211.34.132

Best regards
Dirk

jsha · November 8, 2015, 7:19am

Thanks for reporting, this looks like a bug in Boulder. I’ve filed an issue: https://github.com/letsencrypt/boulder/issues/1112

eva2000 · November 8, 2015, 7:22am

reminds is there a known list of dns servers that LE checks ?

jsha · November 8, 2015, 7:24am

I’m afraid not, sorry.

eva2000 · November 8, 2015, 7:27am

no worries, it would be nice to have though as my LE integration is currently checking against only 8.8.8.8 to see if a scripted nginx vhost domain name has a valid A record and that email address for LE account rego has MX record before pre-populating the custom cli.ini config file used for webroot authentication.

Just in the off chance 8.8.8.8 or one of your dns servers you check against doesn’t agree with each other.