Unblacklist my domain


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: anbiz.com

I ran this command: install wildcard ssl for the domain

It produced this output:blacklist upon few attemps

My web server is (include version):nginx

The operating system my web server runs on is (include version):CentOS

My hosting provider, if applicable, is:Vultr VPS hosting

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):vesta cp

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


#2

What’s the actual error?

If you’ve hit a rate limit for failed authorization attempts, that only blocks you for 1 hour.


#3

alright, thanks. if i face the error, i will notify you


#4

I received this error. Can you check it?


#5

This is a normal part of the process when requesting wildcard certs.
Your domain has NOT been blacklisted.

The wildcard validation process is done through DNS.
You need to create a specific DNS entry in your DNS zone with the TEXT provided.

The DNS entry must be for the name:
_acme-challenge.anbiz.com
it must be of type TXT
it must contain the TOKEN provided [letters&number string of characters]

This is explained in the docs [https://certbot.eff.org/docs/using.html#manual]

When using the dns challenge, certbot will ask you to place a TXT DNS record with specific contents under the domain name consisting of the hostname for which you want a certificate issued, prepended by _acme-challenge .

For example, for the domain example.com , a zone file entry would look like:

_acme-challenge.example.com. 300 IN TXT “gfj9Xq…Rg85nM”


#6

Hi @Anbiz

there isn’t a correct DNS TXT entry ( https://check-your-website.server-daten.de/?q=anbiz.com ):

TXT - Entries

Domainname TXT Entry Status ∑ Queries ∑ Timeout
anbiz.com v=spf1 redirect=_spf.mailhostbox.com include:_spf.google.com ip4:45.76.149.189 ip4:45.32.122.196 ~all ok 1 0
www.anbiz.com v=spf1 redirect=_spf.mailhostbox.com include:_spf.google.com ip4:45.76.149.189 ip4:45.32.122.196 ~all ok 1 0
_acme-challenge.anbiz.com 12345 missing entry or wrong length 1 0
_acme-challenge.www.anbiz.com missing entry or wrong length 1 0

12345 has the correct name, but the wrong value.

That name is correct to validate anbiz.com.

So change this value, replace it with the long value Certbot has created.

Same with _acme-challenge.www.anbiz.com.


closed #7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.