I am using LetsEncrypt on many domains and subdomains . However, I just migrate all my websites to another server, and I have 1 problem only on this subdomain.
I can’t figure out why this error is raised and how to solve it.
I successfully generate various certificates on vairous subdomain of olydri.com, but for this one it’s not working. If you have any ideas
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mobileappdisplay.olydri.com
Waiting for verification…
Challenge failed for domain mobileappdisplay.olydri.com
http-01 challenge for mobileappdisplay.olydri.com
Cleaning up challenges
Some challenges have failed.
apache2 -v
Server version: Apache/2.4.25 (Debian)
Server built: 2019-10-13T15:43:54
The operating system my web server runs on is (include version): Debian 9.12
My hosting provider, if applicable, is: me (OVH)
I can login to a root shell on my machine : yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I use virtualmin in order to manage the website, but the SSL certificates ae managed by me from certbot.
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
./certbot-auto --version
certbot 1.4.0
Do you have any idea on why various people can access it, and other solver says that no A line is accessible ?
Here an extract of my DNS zone :
$ttl 38400
@ IN SOA ns3073891.ip-217-182-173.eu. root.ns3073891.ip-217-182-173.eu. (
1587825384
10800
3600
604800
38400 ) olydri.com. IN A 217.182.173.68 www.olydri.com. IN A 217.182.173.68
… mobileappdisplay.olydri.com. IN A 217.182.173.68
…
Envoi d’une requête ‘ping’ sur mobileappdisplay.olydri.com [217.182.173.68] avec 32 octets de données :
Réponse de 217.182.173.68 : octets=32 temps=33 ms TTL=52
Réponse de 217.182.173.68 : octets=32 temps=32 ms TTL=52
Réponse de 217.182.173.68 : octets=32 temps=33 ms TTL=52
Réponse de 217.182.173.68 : octets=32 temps=33 ms TTL=52
Statistiques Ping pour 217.182.173.68:
Paquets : envoyés = 4, reçus = 4, perdus = 0 (perte 0%),
Durée approximative des boucles en millisecondes :
Minimum = 32ms, Maximum = 33ms, Moyenne = 32ms
The problem is within DNS.
You have to start at the top and work your way down.
Have a look at: https://dnssec-analyzer.verisignlabs.com/olydri.com
Your domain has two DNS servers and they are not synced with each other.