Hello Friends,
I’m running HestiaCP 1.3.0
I have 15 DNS record form my main hosted domain.
The HestiaCP-logs show something strange happening.
‘deleted dns record 25/added CAA dns [email protected]…’
It never happened before.
This started on 10 Nov 2020 and since then it happening daily.
Below is the screen shot;
Any help assistance and guidance will be helpful.
Can you check the when the certificate expires of the domain
I think failing the renewal of Let encrypt is the issue.
Eris thanks for your reply. Initially I also though so as well. Apparently, it does not seem to be LE-SSL.
The SSL set up was done on the day I shifted on to HestiaCP: Sep 11 12:48:42 2020 GMT
SSL expiry will be: Dec 10 12:48:42 2020 GMT
Renewals start 30 days before expires and seems to be failing.
Please the the following line on line 198 of /usr/local/hestia/bin/v-add-letsencrypt-domain
echo "$user - $domain - $answer" >> "/var/log/hestia/letsencrypt-debug.log"
It should look like:
When that is done run the command:
v-add-letsencrypt-domain user domain.com www.domaim.com
It will mostlikely fail with an error code as:
**Error: Let’s Encrypt xxxxxx **
Then check /var/log/hestia/letsencrypt-debug.log
And share the error here and on GitHub.
Eris, thanks for your reply. I was adding a post on WordPress. Let me finish it and do the steps you suggested. I’ll get back again.
Hello Eris,
I’ve done > sudo nano /usr/local/hestia/bin/v-add-letsencrypt-domain
See my screenshot below;
I’ve highlighted the cursor position on; line 198 highlighted in ‘red’
echo “$user - $domain - $answer” >> “/var/log/hestia/letsencrypt-debug.log”
The above line-item is missing……(see screen shot below;)
Put it between status and the if statement
I was wrong it should line 195
Hello Eris,
I’ve done the steps as you suggested.
And the error message is;
Error: Let’s Encrypt validation status 400. Details: Unable to update challenge :: authorization must be pending
below is the screenshot of error details of /var/log/hestia/letsencrypt-debug.log
On Github, do I put its as and additional ‘comment’ to open ticket https://gist.github.com/jaapmarcus/db87d7d1086608b7e57e1ce57c752a1f#file-gistfile1-txt-L195
OR
Do I open a separate ticket?
Please let me know and I will do so as you advise.
Please add an additional comment.
What happens when you disable fore redirect ssl and try to request the domain again?
Hi Eris,
#1: I have attached all the logs and comment on Github as you advised.
#2: I was not sure what you meant by “What happens when you disable fore redirect ssl and try to request the domain again?”
Do you mean to Disable/Enable cron-script;
sudo /usr/local/hestia/bin/v-update-letsencrypt-ssl
or
Retry: v-add-letsencrypt-domain admin mydomain.com www.mydomain.com
Disable the second checkbox and then run
v-add-letsencrypt-domain admin mydomain.com www.mydomain.com
Then enable it again
Eris thanks,
#1: Disabled Automatic HTTPS redirection > SAVE
#2: run command ; v-add-letsencrypt-domain admin mydomain.com www.mydomain.com
No error message this time.
Checked Domain SSL Status and it worked as shown below;
#3. RE-Enabled Automatic HTTPS redirection > SAVE
All good and everything fixed!
Thanks again.
Do you want me to add all these info in the Github-ticket comment?
Please do,
I think we need to investigate what caused the issue
Thanks for confirming anyway 
Thanks Eris,
I just updated the comment on GitHub about steps done today successfully.
