Hi, i am using certbot for long time but starting from April i have issue to renew certificate for my domain. I am not using AAAA record and have set up CAA record for my domain. I have my own DNS server that propagate zones to other secondary servers of which one is currently down. i am getting (my opinion) error that doesnt have anything to do with DNS but it points it to DNS. Please HELP
HTTP 200
Server: nginx
Date: Thu, 27 Jun 2024 23:13:10 GMT
Content-Type: application/json
Content-Length: 676
Connection: keep-alive
Boulder-Requester: 777909396
Cache-Control: public, max-age=0, no-cache
Link: https://acme-v02.api.letsencrypt.org/directory;rel="index"
Replay-Nonce: eF-2qMJ9uxpZ3KlW34thMZ_HKZJuDSsCFqb-ckyQhLp4DmmjKbE
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
{
"identifier": {
"type": "dns",
"value": "postar.tim.rs"
},
"status": "invalid",
"expires": "2024-07-04T23:12:36Z",
"challenges": [
{
"type": "http-01",
"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/369702215937/9oeYpA",
"status": "invalid",
"validated": "2024-06-27T23:12:37Z",
"error": {
"type": "urn:ietf:params:acme:error:dns",
"detail": "DNS problem: server failure at resolver looking up A for postar.tim.rs; DNS problem: server failure at resolver looking up AAAA for postar.tim.rs",
"status": 400
},
"token": "IVEgFYJ89NKNziqb_8qovGuEkBqp45QtEUn8SE_Ng5A"
}
]
My domain is: postar.tim.rs
I ran this command:/usr/bin/certbot certonly --nginx -d postar.tim.rs --force-renewal
It produced this output:
**Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: postar.tim.rs
Type: dns
Detail: DNS problem: server failure at resolver looking up A for postar.tim.rs; DNS problem: server failure at resolver looking up AAAA for postar.tim.rs
My web server is (include version): nginx
The operating system my web server runs on is (include version):rocky linux 8
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):certbot 2.11.0