Author Topic: AutoSSL fails, even though all DNS records, and DNSSEC are set?  (Read 6721 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
AutoSSL fails, even though all DNS records, and DNSSEC are set?
« on: January 19, 2018, 01:56:42 AM »
Fresh install CentOS 6, domain pointed to IP, IP resolves to domain when entered. This is what I get:

AutoSSL Issue Failed![Fri Jan 19 01:38:32 UTC 2018] Single domain='xxxxxx.com'
[Fri Jan 19 01:38:32 UTC 2018] Getting domain auth token for each domain
[Fri Jan 19 01:38:32 UTC 2018] Getting webroot for domain='xxxxxxx.com'
[Fri Jan 19 01:38:32 UTC 2018] Getting new-authz for domain='xxxxxxx.com'
[Fri Jan 19 01:38:33 UTC 2018] The new-authz request is ok.
[Fri Jan 19 01:38:33 UTC 2018] Verifying:xxxxxx.com
[Fri Jan 19 01:38:36 UTC 2018] xxxxxxx.com:Verify error:DNS problem: SERVFAIL looking up A for xxxxxxx.com
[Fri Jan 19 01:38:36 UTC 2018] Please check log file for more details: /root/.acme.sh/acme.sh.log
AutoSSL Issue Failed![Fri Jan 19 01:38:37 UTC 2018] Single domain='xxxxxx.com'
[Fri Jan 19 01:38:37 UTC 2018] Getting domain auth token for each domain
[Fri Jan 19 01:38:37 UTC 2018] Getting webroot for domain='xxxxxxx.com'
[Fri Jan 19 01:38:37 UTC 2018] Getting new-authz for domain='xxxxxxx.com'
[Fri Jan 19 01:38:38 UTC 2018] The new-authz request is ok.
[Fri Jan 19 01:38:38 UTC 2018] Verifying:xxxxxxx.com
[Fri Jan 19 01:38:41 UTC 2018] xxxxxxx.com:Verify error:DNS problem: SERVFAIL looking up A for xxxxxxx.com
[Fri Jan 19 01:38:41 UTC 2018] Please check log file for more details: /root/.acme.sh/acme.sh.log

Offline
**
Re: AutoSSL fails, even though all DNS records, and DNSSEC are set?
« Reply #1 on: January 21, 2018, 08:45:00 PM »
It looks like a DNS issue, what's the output of the below command?

dig A xxxxxx.com

Note:- Make sure to replace xxxxxx.com with an actual domain name. :)
https://www.24x7servermanagement.com/
Server Management, Server Security, Server Monitoring.
India's Leading Managed Service Provider !!

Offline
*
Re: AutoSSL fails, even though all DNS records, and DNSSEC are set?
« Reply #2 on: January 23, 2018, 12:25:15 PM »
Thank you for your help, here is the result.

[root@host ~]# dig a xxxxxx.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4 <<>> a xxxxxx.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 3190
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;xxxxxx.com.                 IN      A

;; Query time: 321 msec
;; SERVER: [redacted server IP]
;; WHEN: Tue Jan 23 12:19:46 2018
;; MSG SIZE  rcvd: 31