Richard G
Verified User
Hello.
I'm running the newest versions of Letsencrypt and Directadmin.
And again I got an error for updating my SSL certificate. And again if I go to Directadmin and do it again, it creates a certificate without issues.
I'm not sure but I thought it was the acme_challenge thing again. It still happens a lot of times.
But today I got another one, which is worse.
Requesting new certificate order...
Processing authorization for ftp.customerdomain.nl...
Waiting for domain verification...
Trying again...
1..2..3..4..5..
Challenge status: invalid. Challenge error: "type": "http-01", "status": "invalid", "error": { "type": "urn:ietf:params:acme:error:connection", "detail": "dns :: DNS problem: NXDOMAIN looking up A for ftp.customerdomain.nl", "status": 400 . Exiting...
Right. But the A record has existed for a long time already and it resolves, so what the....???
I went down and had a look. Then I saw this:
What? Renew in -4 days? Okay, in that case, let's click the "don't renew" button and create a wildcard certificate. So I did. It said it had removed the keys. Which in fact is not working very well either, because if I look in the SSL section, it still sees the names for the older SSL certificates and it says they are valid until March 27th 2019. So they were not removed very decently.
Anyway, I created a new wildcard certificate... took a long time... got a tasq.queue.tmp file, which changed into a task.queue file and then...
Found wildcard domain name and http-01 challenge type, switching to dns-01 validation.
Requesting new certificate order...
Processing authorization for customerdomain.nl...
DNS challenge test fail for _acme-challenge.customerdomain.nl IN TXT "d1JfowE8LjCi3D692ZIY6iljoRm5HZmmhnQp-uhPHk4", retrying...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
Retry failed, trying again in 15s...
DNS validation failed. Exiting...
Oh yeah, okay, first time I asked for a wildcard domain certificate, let's try again.....
Again a /usr/local/directadmin/data/tasq.queue, which changes into a tasq.queue.tmp and, after some waiting, into task.queue again, and after some more waiting the same "retry failed" error as above.
What's going on here?
My server is working perfectly. I have my own DNS server, resolv.conf is pointing to 127.0.0.1 and an external server. I can do digs and nslookups from and to my server.
I'm puzzled now.
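
One way to check the situation described in the post, as an added example that is not part of the original post: Let's Encrypt validates from outside the server, so what counts is the answer from each nameserver the zone is delegated to, not the answer from the resolver in resolv.conf. The function names, the PUBLIC_RESOLVER variable and its default of 1.1.1.1 are assumptions, and `dig` must be installed.

```shell
#!/bin/sh
# Added example: compare the local resolver's answer with the answers given by
# the zone's delegated nameservers, which is what an outside validator sees.
# PUBLIC_RESOLVER and its default are assumptions; any outside resolver works.
PUBLIC_RESOLVER=${PUBLIC_RESOLVER:-1.1.1.1}

# answers NAME TYPE [SERVER]: record data, quotes stripped, sorted.
# Without SERVER the resolver from /etc/resolv.conf is asked.
answers() {
    if [ -n "${3:-}" ]; then
        dig +short +norecurse "$1" "$2" "@$3"
    else
        dig +short "$1" "$2"
    fi | tr -d '"' | sort
}

# compare_views ZONE NAME TYPE: prints one line per view and returns 1 when a
# delegated nameserver has no answer or disagrees with the local resolver.
compare_views() {
    zone=$1; name=$2; type=$3; bad=0; seen=0
    local_ans=$(answers "$name" "$type")
    echo "local resolver: ${local_ans:-<no answer>}"
    # Take the NS set from outside, not from the local copy of the zone.
    for ns in $(dig +short NS "$zone" "@$PUBLIC_RESOLVER"); do
        seen=1
        auth_ans=$(answers "$name" "$type" "$ns")
        if [ -n "$auth_ans" ] && [ "$auth_ans" = "$local_ans" ]; then
            echo "$ns: match"
        else
            echo "$ns: MISMATCH (${auth_ans:-<no answer>})"
            bad=1
        fi
    done
    if [ "$seen" -eq 0 ]; then
        echo "no NS records for $zone visible from $PUBLIC_RESOLVER"
        bad=1
    fi
    return "$bad"
}

# Usage: sh check.sh customerdomain.nl ftp.customerdomain.nl A
#        sh check.sh customerdomain.nl _acme-challenge.customerdomain.nl TXT
if [ "$#" -eq 3 ]; then
    compare_views "$@"
fi
```

A MISMATCH line for any nameserver means that server would hand the validator a different (or empty) answer than the one seen locally, which is consistent with both the NXDOMAIN and the dns-01 failures in the logs above.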