Unable to obtain Let's Encrypt SSL certificate because of failed challenge for domain "": DNS problem: SERVFAIL looking up A for l

Hi there, we use letsencyrpt for some parked domains, and the weirdest thing. Some domains with same settings and same server are requested with a letsencrypt certificate, and also a lot give back an error. We have no idea what the cause it, because again its exactly the same DNS and settings.

Unable to obtain Let’s Encrypt SSL certificate because of failed challenge for domain “autoschadebedrijven.nl”:
DNS problem: SERVFAIL looking up A for autoschadebedrijven.nl.

Can anyone tell us how to solve this?

Hello @network_lb,

Seems the SERVFAIL error is because autoschadebedrijven.nl has a DNSSEC misconfiguration, Let's Encrypt won't resolve the domain if there are DNSSEC issues.

Take a look to these links and you will see the errors:

http://dnsviz.net/d/autoschadebedrijven.nl/dnssec/
https://dnssectest.net/autoschadebedrijven.nl/A

Cheers,
sahsanu

Hi Sahsanu,

Thnx for your reply! We have solved the issue. Apparently DNSSEC at the Domain Provider is with some domains active and with some not… We have to manually de-activate the DNSSEC in order for the domains not to fail with the LETSENCRYPT. Thanks anyway to help us on our way!

Cheers, B.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.