why i can’t add ssl to my domain when i have totally everything
i can’t add ssl to domain and have that error:
Error: DNS record for www.kacperrusin.pl doesn’t exist
Could this be related to having 2 visible IP addresses to the hostname?
id 26943
opcode QUERY
rcode NOERROR
flags QR RD RA
;QUESTION
kacperrusin.pl. IN A
;ANSWER
kacperrusin.pl. 300 IN A 104.21.79.34
kacperrusin.pl. 300 IN A 172.67.141.135
;AUTHORITY
;ADDITIONAL
No. Those are Cloudflare proxy IPs. Connections to either will still be forwarded to the origin site on the HestiaCP server.
There are Cloudflare settings that can interfere with obtaining a Let’s Encrypt certificate using the HTTP-01 challenge. You may want to test for breaking redirects using curl to confirm whether that is where the process is interrupted.
I have found the following Cloudflare settings to be compatible with Let’s Encrypt certificates on the origin server.
nslookup www.kacperrusin.pl runned on your server gives an invalid answer, check the server dns settings.
now, when im trying to add ssl i have this :
Error: Let’s Encrypt validation status 400 (kacperrusin.pl). Details: 400:“DNS problem: SERVFAIL looking up A for www.kacperrusin.pl - the domain’s nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for www.kacperrusin.pl - the domain’s nameservers may be malfunctioning”
what can i do when i have A record created and domain kacperrusin.pl is working and panel its on https?
What nameservers did you add into your domain registrant?
i have my domain register on dhosting and there i have rekord a to my server and on server i have this configuration, or i need there on my server change NS servers to where i have register domain?
Last login: Mon Oct 30 13:40:33 on ttys005
jaapmarcus@Jaaps-MacBook-Air ~ % nslookup www.kacperrusin.pl
;; Got SERVFAIL reply from 195.121.1.34, trying next server
;; Got SERVFAIL reply from 195.121.1.66, trying next server
Server: 192.168.2.254
Address: 192.168.2.254#53
** server can't find www.kacperrusin.pl: SERVFAIL
jaapmarcus@Jaaps-MacBook-Air ~ % nslookup kacperrusin.pl
;; Got SERVFAIL reply from 195.121.1.66, trying next server
;; Got SERVFAIL reply from 195.121.1.34, trying next server
Server: 192.168.2.254
Address: 192.168.2.254#53
** server can't find kacperrusin.pl: SERVFAIL
jaapmarcus@Jaaps-MacBook-Air ~ %
Also whois the don’t point to your server…
DOMAIN NAME: kacperrusin.pl
registrant type: individual
nameservers: ns1.domena.pl. [193.239.44.33]
ns2.domena.pl. [91.234.176.240]
ns3.domena.pl. [195.110.49.49]
created: 2023.05.04 17:18:11
last modified: 2023.10.30 14:06:42
renewal date: 2024.05.04 17:18:11
Lets do the things from the start!
- When you are on cloudflare and doing the “Add website” or “Add a site” dont remember exactly… Cloudflare provides you 2 nameservers like: ns1.clouflare.com and ns2.clouflare.com. You take those 2 nameservers and add them to dhosting.
- After the dns propagation is done (mostly 30 minutes - 2 hours max) (But they are saying up to 48h) You are going back to cloudflare and you add the A records mx records etc to point to your servers IP.
- Nothing to do! Wait a couple minutes and everything will be ok!
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.