Tried multiple methods but keep getting SERVFAIL

lukadadiani · December 19, 2017, 11:19am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
www.uxcourse.com

I ran this command:
sudo certbot --apache
&& also tried
certbot -d uxcourse.com --manual --preferred-challenges dns certonly

It produced this output:
Domain: uxcourse.com
Type: connection
Detail: DNS problem: SERVFAIL looking up TXT for
_acme-challenge.uxcourse.com

My web server is (include version):
ubuntu 17.04 hosted on linode 2gb

The operating system my web server runs on is (include version):
ubuntu 17.04

My hosting provider, if applicable, is:
Linode

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no

mnordhoff · December 19, 2017, 11:25am

In the Linode DNS manager, the zones are called “www.uxcourse.com” and “www.re-thought.com”. Therefore other subdomains fail to resolve.

You need to go to https://manager.linode.com/dns, click on your domains, click on “Settings” near the top, and change the names to “uxcourse.com” and “re-thought.com”.

It shouldn’t require any other changes to your settings.

lukadadiani · December 19, 2017, 11:31am

Thanks! I have made this change and re-done this straight away but i got the same error, I am guessing i will have to wait for changes to take place?

mnordhoff · December 19, 2017, 11:32am

Yeah.

It should either start working right now, or about 15 minutes from now.

lukadadiani · December 19, 2017, 11:45am

Thanks that worked but something is not quite right on one of the domains i get the following error:

www.re-thought.com uses an invalid security certificate. The certificate is only valid for re-thought.com Error code: SSL_ERROR_BAD_CERT_DOMAIN

mnordhoff · December 19, 2017, 11:49am

The certificate needs to include both re-thought.com and www.re-thought.com.

With “certbot --apache”, both can be selected at its prompts. If only one is listed, make sure the Apache configuration includes ServerName or ServerAlias settings for the other one.

With “certbot certonly --manual”, you can run, for example, “certbot -d uxcourse.com -d www.uxcourse.com --manual --preferred-challenges dns certonly”.

system · January 18, 2018, 11:50am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.