I’m having trouble with a DNS resolving to the wrong IP address and I’m wondering if it is because of Cert-Manager and Let’s Encrypt/ACME that I tried to use with my Azure kubernetes service.
I originally tried to use Cert-Manager and Let’s Encrypt for my AKS ingress so that it could be verified, but unfortunately it wasn’t working because of being a private DNSZone in Azure. I removed the Cert-Manager pods and setup, plus deleted the cluster to start over. However, when I look up markethound20-dev.com, using digwebinterface, it resolves to an IP address of 22.214.171.124. I used mxtoolbox.com and other things to find out that it is eigbox.net which is Endurance International Group, who is a domain provider.
I’m not seeing anything besides that with markethound20-dev.com as a name, so I’m wondering if something is stuck since I tried to use it with Cert-Manager.
Is there a way I can verify this? Is there a way I can delete the domain, account, or whatever else if it is true that it is stuck with ACME/Let’s Encrypt?
I’ve checked everywhere that I can for a DNS record that shows the 126.96.36.199 in Azure, but unfortunately it isn’t showing up anywhere. I also tore down the AKS clusters to make sure their DNS servers weren’t the problem, but still not able to resolve this issue.
There is a non-authoritative server out there that has the domain linked to that IP address, however. I can’t find where it is at. The only thing I could think of is that the Let’s Encrypt settings were still holding onto some record that it won’t get rid of.
I can’t verify the domain or do anything with it since the IP address is wrong. I tried using cert-manager again to see if it was something stuck with it, but instead I get a Unexpected response code ‘SERVFAIL’ for markethound20-dev.com.letsencrypt.vdeck.eigdyn.com, which google indicates that Let’s Encrypt is unable to process the certificate due to not being able to verify the domain.
I see the acme_challenge TXT record being created, but it won’t update the IP address to the one specified for the DNSZone.
markethound20-dev.com. 172800 IN NS ns1.domain.com.
markethound20-dev.com. 172800 IN NS ns2.domain.com.
So the A record can probably be changed or removed in Domain.com’s control panel.
I’m unsure why Let’s Encrypt couldn’t resolve the _acme-challenge record set. It works for me.
_acme-challenge.markethound20-dev.com. 3600 IN CNAME markethound20-dev.com.letsencrypt.vdeck.eigdyn.com.
markethound20-dev.com.letsencrypt.vdeck.eigdyn.com. 1 IN TXT "chVxiPFesXwH65QL8crFgwSYv2DZxMpVvZVfM6vu3C8"
markethound20-dev.com.letsencrypt.vdeck.eigdyn.com. 1 IN TXT "TtqDot1wqX-8rebAyt-Itbr0ucUzS7KfTOjh0RMvBSI"