DNS record for <domain> doesn't exist

Pete · December 24, 2020, 5:29pm

Ok, so I’m setting up a second Hestia box (yay for me), but running into problems whenever trying to add a LE SSL certificate. I’ve read all the other forum posts about this error message, but not finding anything that fits the problem.

So far I’ve gotten the host SSL working using v-add-letsencrypt-host from SSH. I’ve added a few websites, each with their own DNS records but initially without SSH until the nameservers have updated. When editing the website record and attempting to add SSL via Let’s Encrypt, I’m getting ‘DNS record for doesn’t exist’ for every domain, including those with mail enabled where I’m trying to add SSL for mail too.

Given I didn’t hit these problems with the first Hestia box I set up last week (exactly same hardware / software spec), I’m wondering whether the DNS is somehow corrupt? Each domain definitely has a full set of DNS records on the same server.

The host DNS record is setup as child-ns and all the others are default. All sites are under the admin account. Could that be the issue?

Thanks,

Pete

eris · December 24, 2020, 5:37pm

DNS takes some time to update this…

Please check if the records have been updated

Pete · December 24, 2020, 5:40pm

Hi Eris,

Yup, should have mentioned that I’d checked that. I’d waited for the whole world to give me a green tick before trying to add the SSL.

Thanks for super-fast reply, btw.

Pete

Raphael · December 24, 2020, 6:07pm

It does a nslookup domain.tld on your server, to validate if the record exists. Would suggest to run it over ssh and validate the reply.

Pete · December 24, 2020, 6:22pm

Hi ScIT,

Happy Christmas!

I tried v-add-letsencrypt-domain admin [domain] and it came back with
Error: DNS record for [domain] doesn’t exist

Pete

Pete · December 24, 2020, 6:25pm

Ok, an nslookup [domain] comes back with:

Server:		127.0.0.53
Address:	127.0.0.53#53

** server can't find [domain]: SERVFAIL

Pete · December 24, 2020, 6:27pm

But, this works:

nslookup google.com

Server: 127.0.0.53
Address: 127.0.0.53#53

Non-authoritative answer:
Name: google.com
Address: 172.217.20.78
Name: google.com
Address: 2a00:1450:400e:80a::200e

Raphael · December 24, 2020, 7:37pm

It’s a local dns issue, probaly suggest to take other, external dns servers like cloudflare or similar. Probaly a nslookup domain.tld 1.1.1.1 would give a valid reply.

Pete · December 24, 2020, 9:07pm

Think you’re probably right. After adding Cloudflare I can add the Lets Encrypt certificate using v-add-letsencrypt-domain - however, can’t seem to add a cert to the mail domain (either through the Hestia GUI or v-add-letsencrypt-domain mail.domain.tld).

Raphael · December 25, 2020, 7:15am

What is your error there?

Pete · December 25, 2020, 8:16am

Same as before - ‘DNS record for [domain] doesn’t exist’ in GUI. On he command line I get ‘Error: web domain mail.domain.tld doesn’t exist’, but that’s unsurprising as ‘mail.’ isn’t a web domain (is there an equivalent to v-add-letsencrypt-domain to secure mail?).

Pete

Raphael · December 25, 2020, 8:34am

As you get informed with this checkbox, please check the dns records exists:

You just don’t have any valid record for mail.domain.tld .

Check how the mail is configured on our demo: https://demo.hestiacp.com:8083/edit/mail/?domain=hestiacp.xyz

Pete · December 25, 2020, 8:48am

Hi ScIT, but I do – and that’s what’s confusing. I set this second Hestia install up just like the first with default DNS entries when creating the zones (which includes mail. and webmail.) - works on my first server, not on the second. Exact same hardware & software config. Do you think it’s worth deleting the zone(s) and recreating them, or would that cause more problems than it’s intended to fix?

Pete

Raphael · December 25, 2020, 8:52am

Have you created a dns cluster? DNS zones works only, if you have a dns cluster and used them as nameserver for your domain. it sounds more that you use a external provider for your dns, you need to add them probaly there.

Felix · December 25, 2020, 9:09am

Also check where the DNS record(s) are pointing at. They should point to the IP of the server, not just any IP.

Merry Christmas everyone !

Pete · December 25, 2020, 9:11am

Hi ScIT, not using a DNS cluster since the sites on server 1 are completely separate from server 2. I’m now using Cloudflare for everything but the host domain, and when you first set that up it copies the existing records - so it also has mail. & webmail., etc.

Felix - yup, definitely pointing at the correct IP And Merry Christmas!

Pete

Pete · December 25, 2020, 9:12am

BTW, SOA on these DNS records is (now) set to Cloudfare’s Nameserver. Is that the right thing to do?

Maxinebob · July 14, 2023, 2:37am

Here it resolved after I added the “www” in the CNAME record of Cloudflare.