My domain is:
project-why.bloc.net, project-a.bloc.net, rogeriotest.bloc.net
I ran this command:
certbot -n certonly --manual --test-cert
–expand --no-eff-email --renew-with-new-domains --break-my-certs --manual-public-ip-logging-ok --preferred-challenges=http --email admin@test.te
–config-dir {srcdir}/letsencrypt \
--work-dir {srcdir}/lib
–logs-dir {srcdir}/logs/letsencrypt \
--manual-auth-hook {srcdir}/authenticator.sh
–manual-cleanup-hook {srcdir}/cleanup.sh \
--deploy-hook {srcdir}/deploy.sh
-d project-why.bloc.net,project-a.bloc.net,rogeriotest.bloc.net
It produced this output:
"type": "urn:ietf:params:acme:error:caa",
"detail": "Error finalizing order :: While processing CAA for rogeriotest.bloc.net: DNS problem: query timed out looking up CAA for rogeriotest.bloc.net",
"status": 403,
"identifier": {
"type": "dns",
"value": "rogeriotest.bloc.net"
}
},
{
"type": "urn:ietf:params:acme:error:caa",
"detail": "Error finalizing order :: While processing CAA for project-a.bloc.net: DNS problem: query timed out looking up CAA for project-a.bloc.net",
"status": 403,
"identifier": {
"type": "dns",
"value": "project-a.bloc.net"
}
},
{
"type": "urn:ietf:params:acme:error:caa",
"detail": "Error finalizing order :: While processing CAA for project-why.bloc.net: DNS problem: query timed out looking up CAA for project-why.bloc.net",
"status": 403,
"identifier": {
"type": "dns",
"value": "project-why.bloc.net"
My web server is (include version):
IIS 7
The operating system my web server runs on is (include version):
Windows 2016
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 1.1.0
but i tried to check by myself
dig bloc.net ns
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> bloc.net ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42624
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;bloc.net. IN NS
;; ANSWER SECTION:
bloc.net. 21599 IN NS ns3.hyp.net.
bloc.net. 21599 IN NS ns2.hyp.net.
bloc.net. 21599 IN NS ns1.hyp.net.
;; Query time: 56 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Mar 12 08:07:03 CET 2020
;; MSG SIZE rcvd: 95
host -t CAA bloc.net ns3.hyp.net
Using domain server:
Name: ns3.hyp.net
Address: 151.249.126.3#53
Aliases:
bloc.net has no CAA record
host -t CAA rogeriotest.bloc.net ns3.hyp.net
Using domain server:
Name: ns3.hyp.net
Address: 151.249.126.3#53
Aliases:
rogeriotest.bloc.net is an alias for webfarm1.bloc.net.
host -t CAA webfarm1.bloc.net ns3.hyp.net
Using domain server:
Name: ns3.hyp.net
Address: 151.249.126.3#53
Aliases:
webfarm1.bloc.net has no CAA record
i don’t get any error related with time out