I’m looking for some support since I’m running out of ideas.
My domain is: apia.ctmconsulting.it
I ran this command: certbot --authenticator standalone --installer apache --pre-hook “service apache2 stop” --post-hook “service apache2 start”
It produced this output:
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Running pre-hook command: service apache2 stop
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for apia.ctmconsulting.it
Waiting for verification…
Cleaning up challenges
Running post-hook command: service apache2 start
Failed authorization procedure. apia.ctmconsulting.it (http-01): urn:acme:error:dns :: DNS problem: query timed out looking up A for apia.ctmconsulting.it
The following errors were reported by the server:
Detail: DNS problem: query timed out looking up A for
I have already checked DNSSEC and stuff like that, but for .it domains I cannot set DS records in my registrar.
What am I doing wrong?
I don’t know, and it seems like it’s broken again.
When you had only one nameserver delegated (22.214.171.124), Let’s Encrypt seemed to be able to resolve the domain, but after you re-added the second one (126.96.36.199), it seems like query timeouts and SERVFAILs are back. Or maybe the reboots were the only relevant factor.
A staff member may be able to check the server-side logs for you, when they become available.