Solved cannot renew or setup wildcard Letsencrypt

gate2vn

The dns_ttl=1 already exists in the DA conf. CentOS 7.9 and DA latest build, Letsencrypt 2.0.31. The wildcard was set up before, but at renewal time it failed. I tried to set it up again, but got the same error. Any idea how to fix it, please? Thanks.

Found wildcard domain name and http challenge type, switching to dns-01 validation.
2023/04/24 01:52:57 [INFO] [dev.lab01.com, *.dev.lab01.com] acme: Obtaining SAN certificate
2023/04/24 01:52:59 [INFO] [*.dev.lab01.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/221913455347
2023/04/24 01:52:59 [INFO] [dev.lab01.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/221913455357
2023/04/24 01:52:59 [INFO] [*.dev.lab01.com] acme: use dns-01 solver
2023/04/24 01:52:59 [INFO] [dev.lab01.com] acme: Could not find solver for: tls-alpn-01
2023/04/24 01:52:59 [INFO] [dev.lab01.com] acme: Could not find solver for: http-01
2023/04/24 01:52:59 [INFO] [dev.lab01.com] acme: use dns-01 solver
2023/04/24 01:52:59 [INFO] [*.dev.lab01.com] acme: Preparing to solve DNS-01
2023/04/24 01:53:05 2023/04/24 01:52:59 info executing task task=action=dns&do=delete&domain=dev.lab01.com&name=_acme-challenge&type=TXT
2023/04/24 01:53:02 info executing task task=action=dns&do=add&domain=dev.lab01.com&name=_acme-challenge&named_reload=yes&ttl=5&type=TXT&value=%22D5mmpHPuVKwUDzwiOD9wu90pEMbZTy_-jMbkOjn_sNI%22

2023/04/24 01:53:05 [INFO] [*.dev.lab01.com] acme: Trying to solve DNS-01
2023/04/24 01:53:05 [INFO] [*.dev.lab01.com] acme: Checking DNS record propagation using [8.8.8.8:53]
2023/04/24 01:53:35 [INFO] Wait for propagation [timeout: 5m0s, interval: 30s]
2023/04/24 01:53:35 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:54:06 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:54:36 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:55:07 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:55:37 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:56:07 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:56:38 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:57:08 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:57:38 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:58:08 [INFO] [*.dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:58:38 [INFO] [*.dev.lab01.com] acme: Cleaning DNS-01 challenge
2023/04/24 01:58:41 2023/04/24 01:58:38 info executing task task=action=dns&do=delete&domain=dev.lab01.com&name=_acme-challenge&type=TXT

2023/04/24 01:58:41 [INFO] [dev.lab01.com] acme: Preparing to solve DNS-01
2023/04/24 01:58:46 2023/04/24 01:58:41 info executing task task=action=dns&do=delete&domain=dev.lab01.com&name=_acme-challenge&type=TXT
2023/04/24 01:58:43 info executing task task=action=dns&do=add&domain=dev.lab01.com&name=_acme-challenge&named_reload=yes&ttl=5&type=TXT&value=%22gv_e1dWxa9EtHCkOGw_rAVavdV4mVD5hh8kB4Gme7Mk%22

2023/04/24 01:58:46 [INFO] [dev.lab01.com] acme: Trying to solve DNS-01
2023/04/24 01:58:46 [INFO] [dev.lab01.com] acme: Checking DNS record propagation using [8.8.8.8:53]
2023/04/24 01:59:16 [INFO] Wait for propagation [timeout: 5m0s, interval: 30s]
2023/04/24 01:59:16 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 01:59:47 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:00:17 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:00:48 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:01:18 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:01:48 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:02:19 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:02:49 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:03:19 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:03:49 [INFO] [dev.lab01.com] acme: Waiting for DNS record propagation.
2023/04/24 02:04:19 [INFO] [dev.lab01.com] acme: Cleaning DNS-01 challenge
2023/04/24 02:04:22 2023/04/24 02:04:20 info executing task task=action=dns&do=delete&domain=dev.lab01.com&name=_acme-challenge&type=TXT

2023/04/24 02:04:23 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/221913455347
2023/04/24 02:04:23 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/221913455357
2023/04/24 02:04:23 Could not obtain certificates:
error: one or more domains had a problem:
[*.dev.lab01.com] time limit exceeded: last error: NS ns2.lab01.com. returned NXDOMAIN for _acme-challenge.dev.lab01.com.
[dev.lab01.com] time limit exceeded: last error: NS ns2.lab01.com. returned NXDOMAIN for _acme-challenge.dev.lab01.com.
Certificate generation failed.
 
Please remove the "solved" prefix from your post if it's not solved yet.

Are you trying to set up a cert for your hostname or for a double subdomain?
To start with, dev.lab01.com does not have any A record it seems, because it does not resolve, so you have a DNS issue somewhere.
This is also the reason that the certification fails.

Also, you can't have 1 domain point to 2 different IP addresses unless I'm mistaken.
But lab01.com is pointing to 15.197.xx.xx as well as to 3.33.xx.xx.

And then this:
last error: NS ns2.lab01.com. returned NXDOMAIN for _acme-challenge.dev.lab01.com.
There is no ns2.lab01.com existing.

Are you by any chance changing IPs and nameservers and certificates at the same time?
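
Added example (not part of the thread, and not DirectAdmin or lego code): a small triage script for a log in the format quoted above. It pairs each "time limit exceeded" error with the TXT add task the panel logged and lists the dig checks to run against the nameserver named in the error. The sample log, domain, nameserver and token are constructed placeholders, and the function names are hypothetical.

```python
import re
from urllib.parse import parse_qs

# Constructed sample in the format of the log quoted in the thread
# (domain, nameserver and token are placeholders, not values from the thread).
SAMPLE_LOG = """\
2023/04/24 01:53:02 info executing task task=action=dns&do=add&domain=dev.example.test&name=_acme-challenge&named_reload=yes&ttl=5&type=TXT&value=%22TOKEN-ONE%22
2023/04/24 01:53:05 [INFO] [*.dev.example.test] acme: Checking DNS record propagation using [8.8.8.8:53]
2023/04/24 01:58:38 [INFO] [*.dev.example.test] acme: Cleaning DNS-01 challenge
[*.dev.example.test] time limit exceeded: last error: NS ns2.example.test. returned NXDOMAIN for _acme-challenge.dev.example.test.
[dev.example.test] time limit exceeded: last error: NS ns2.example.test. returned NXDOMAIN for _acme-challenge.dev.example.test.
"""

TASK_RE = re.compile(r"executing task task=(\S+)")
FAIL_RE = re.compile(
    r"^\[(?P<ident>[^\]]+)\] time limit exceeded: last error: "
    r"NS (?P<ns>\S+?)\.? returned (?P<rcode>\w+) for (?P<record>\S+?)\.?$", re.M)

def published_records(log):
    """TXT records the panel was asked to add, as {fqdn: [values]}."""
    out = {}
    for m in TASK_RE.finditer(log):
        q = {k: v[0] for k, v in parse_qs(m.group(1)).items()}
        if q.get("do") == "add" and q.get("type") == "TXT":
            fqdn = f"{q['name']}.{q['domain']}"
            out.setdefault(fqdn, []).append(q["value"].strip('"'))
    return out

def triage(log):
    """One finding per (nameserver, record) pair, with the checks to run."""
    added = published_records(log)
    findings = {}
    for m in FAIL_RE.finditer(log):
        f = findings.setdefault((m["ns"], m["record"]), {
            "ns": m["ns"], "record": m["record"], "rcode": m["rcode"],
            "identifiers": [], "add_logged": m["record"] in added})
        f["identifiers"].append(m["ident"])
    for f in findings.values():
        name = f["record"].split(".", 1)[1]
        # Compare the delegated NS set with the server that answered,
        # then ask that server directly, without recursion.
        f["checks"] = [f"dig +short NS {name}",
                       f"dig +norecurse TXT {f['record']} @{f['ns']}"]
    return list(findings.values())

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

The wildcard and the base name share one `_acme-challenge` record, so the two errors collapse into a single finding. When `add_logged` is true and the answer is still NXDOMAIN, the server named in the error is not serving the zone the panel wrote to.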
 