My domain is: affilisite.com
you have ipv4 - addresses ( https://check-your-website.server-daten.de/?q=affilisite.com ):
|Host||T||IP-Address||is auth.||∑ Queries||∑ Timeout|
But you have DNSSEC enabled. So there is a DS record in your parent zone.
1 DS RR in the parent zone found 1 RRSIG RR to validate DS RR found Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.05.2019, 05:17:24, Signature-Inception: 06.05.2019, 04:07:24, KeyTag 3800, Signer-Name: com • Status: Good - Algorithmus 8 and DNSKEY with KeyTag 3800 used to validate the DS RRSet in the parent zone 0 DNSKEY RR found Fatal error: Parent zone has a signed DS RR (Algorithm 13, KeyTag 31494, DigestType 2, Digest ayjvf2TsBGVpcOSg1l5UcfjXQPj0L+i3663FDqNgK3Y=), but the destination DNSKEY doesn't exist or doesn't validate the DNSKEY RR set. No chain of trust created.
But your zone doesn't have a DNSKEY. So your DNSSEC is invalid.
Rechecked with DNSSEC Analyzer - affilisite.com to see if my tool has a bug - the same result.
Found 1 DS records for affilisite.com in the com zone DS=31494/SHA-256 has algorithm ECDSAP256SHA256 Found 1 RRSIGs over DS RRset RRSIG=3800 and DNSKEY=3800 verifies the DS RRset No DNSKEY records found affilisite.com A RR has value 188.8.131.52 No RRSIGs found
So fix your DNSSEC or remove the DS entry in the parent zone, so your zone isn't secure.
PS: You have a cPanel certificate:
|CRT-Id||Issuer||not before||not after||Domain names||LE-Duplicate||next LE|
|1436454313||CN=“cPanel, Inc. Certification Authority”, O=“cPanel, Inc.”, L=Houston, C=US, ST=TX||2019-05-02 00:00:00||2019-07-31 23:59:59||affilisite.com, cpanel.affilisite.com, mail.affilisite.com, webdisk.affilisite.com, webmail.affilisite.com, www.affilisite.com|
If you use cPanel, you should use cPanel to create a certificate. Perhaps cPanel ignores that DNSSEC error (I don’t know).
Thanks for your help, all sorted now. Can you edit where my site name is included so this page it isn’t indexed by Google?
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.