Hostname redirects to a user

Xen

New member
Joined
Mar 13, 2016
Messages
9
My hostname (srv1.domain.com) redirects to a users website.

Current situation:
https://srv1.domain.com shows "Apache is functioning normally".
http://srv1.domain.com shows the website of the first user in DirectAdmin.

I wish that the http:// version also get a blank page with the text "Apache is functioning normally".

Notable settings in directadmin.conf:
Code:
SSL=1
enable_ssl_sni=1
letsencrypt=2
servername=srv1.domain.com
ssl_redirect_host=srv1.domain.com

When I try to create a TLS certificate for the hostname I get the following error message:
Code:
[root@srv1 custombuild]# cd /usr/local/directadmin/scripts
[root@srv1 scripts]# ./letsencrypt.sh request srv1.domain.com 4096
Setting up certificate for a hostname: srv1.domain.com
Getting challenge for srv1.domain.com from acme-server...
Waiting for domain verification...
Challenge is invalid. Details: DNS problem: SERVFAIL looking up A for srv1.domain.com. Exiting...

Apache is listening on port 8080
Varnish is listening on port 80
Certificate requests for user domains just works fine.

What can be cause this fault?
 
The output of cat /var/named/srv1.domain.com.db:

Code:
[root@srv1 ~]# cat /var/named/srv1.domain.com.db


$TTL 14400
@       IN      SOA     ns1.domain.com.      hostmaster.srv1.domain.com. (
                                                2016031401
                                                14400
                                                3600
                                                1209600
                                                86400 )

srv1.domain.com.	14400	IN	NS	ns1.domain.com.
srv1.domain.com.	14400	IN	NS	ns2.domain.com.

ftp	14400	IN	A	xxx.xxx.xxx.xxx
localhost	14400	IN	A	127.0.0.1
mail	14400	IN	A	xxx.xxx.xxx.xxx
pop	14400	IN	A	xxx.xxx.xxx.xxx
smtp	14400	IN	A	xxx.xxx.xxx.xxx
srv1.domain.com.	14400	IN	A	xxx.xxx.xxx.xxx
webmail	14400	IN	A	xxx.xxx.xxx.xxx
www	14400	IN	A	xxx.xxx.xxx.xxx

srv1.domain.com.	14400	IN	MX	10 mail



_dmarc	14400	IN	TXT	"v=DMARC1; p=none; sp=none; rua=mailto:[email protected]"
srv1.domain.com.	14400	IN	TXT	"v=spf1 a mx ip4:xxx.xxx.xxx.xxx ip6:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx ~all"


[root@srv1 ~]#
 
Hello,

try:

Code:
cd /usr/local/directadmin/custombuild
./build clean
./build update
./build apache
./build rewrite_confs

Kindly let us know results.
 
The first problem is solved. Thank you zEitEr.
Both srv1.domain.com, http as https are showing "Apache is functioning normally".

The second problem is still there when I try to generate a hostname certificate with Let's Encrypt:

Code:
[root@srv1 custombuild]# cd /usr/local/directadmin/scripts
[root@srv1 scripts]# ./letsencrypt.sh request srv1.domain.com 4096
Setting up certificate for a hostname: srv1.domain.com
Getting challenge for srv1.domain.com from acme-server...
Waiting for domain verification...
Challenge is invalid. Details: DNS problem: SERVFAIL looking up A for srv1.domain.com. Exiting...
 
Seems to be an issue with DNS resolving either on your or LE's side.
Usually the second or the third attempt helps if they can not resolve a domain from the first try, of course if it's not an issue with DNS on your side.

Anyway without details on what domain you're trying to install LE cert hardly can we help you more.
 
This problem is solved with Johns' help.

In this case DNSSEC was activated on the hostname (srv1.domain.com) and the domain (domain.com). The DNSKEY on srv1.domain.com cannot be set as trusted anchor at the domain registry. Let's Encrypt does probably DNSSEC verifications. This causes that there was a mismatch.
See also: https://www.google.com/#q=SERVFAIL+DNSSEC

The SERVFAIL error was still there after I had deleted DNSSEC from the hostname. With the deletion of DNSSEC from the domain too, the error was gone.
"Certificate for srv1.domain.com has been created successfully!"

To delete DNSSEC from a domain: edit the /etc/named.conf and rename the zone from domain.com.db.signed to be just domain.com.db and restart named.
Don't forget to delete the trusted anchor at the registry.
 
Back
Top