SSL fail: Error: DNS record for <my domain> doesn't exist - not duplicated post

Hi i´m new on Hestia but, i installed this on march 1 with an backup from Vesta all worked fine except at this momment some SSL for some sites who fail when i try to renew, i try manually because of the cronjob don´t maked the job for some reason

This is the given error (both on UI when i try to edit domain and activate SSL) and when i run CLI Command:
Error: DNS record for doesn’t exist

I try solution on post without any success or error change: 2580

I already updated All with: sudo apt update && sudo apt upgrade

This is my system detail: Hestia Control Panel v1.5.15 / Operating System Debian 11.3 (x86_64)

Note: This worked fine until this momment because when i ran the backup from vesta comes with SSL keys and this domain and site are working on production, my clients and i can access and when i use an dns checker like the domain goes to my Server IP Addess

So I have 2 days searching solution bwithout success, thanks for your help

basicly the hestia server runs an nslookup domain.tld localy, so if you run that command on your server itself over ssh, you’ll see that it fails. You need to fix that specific dns resolution issue to get it working.

I tryed edit the file nano /etc/resolv.conf

With this content:
nameserver 2001: 4860: 4860 :: 8888
nameserver 2001: 4860: 4860 :: 8844

But still failing, this are an domain with 2 months working on this IP so i don´t understand the error.

You need any log to help me?

what happen if you run nslokup domain.tld

[email protected]:/home/user# nslookup domain.tld

** server can’t find domain.tld: NXDOMAIN

My server is on Google Cloud Platform

Open port 53 for outgoing traffic in firewall?

Hi, yes all outgoing ports are open.

My server have this default nameserver, so this work to some sites (in this same server and others) but some sites on this server don´t work

This is an example of working address:



Non-authoritative answer:
Name: google
Name: google
Address: 2607:f8b0:4001:c01::5e

This don´t work:
nslookup tecnitracker

** server can’t find tecnitracker SERVFAIL

But if i check dns of tecnitracker on dnschecker this goes to on my IP

[email protected] ~ % nslookup
;; Got SERVFAIL reply from, trying next server

It looks like there is an dns error…

But this is an working domain since lot of time. You know how i can fix?

Is domain.tld behind nat ?

the domain isnt working from here aswell, resolution issue. Solution depends on mutliple parts, where do you run your dns? Does all nameserver run as expected? Arte the entries valid? Is the dns zone active? And a few more to begin with, depends on each other question. Nothing we could give a step by step guide.

For me the nameservers are not resposinding…

I had a supposed DNS propagation problem this Friday.

The panel showed the DNS zone as expected but it was not propagating.

Today I checked if it propagated and it didn’t. I restarted the DNS service and the propagation was immediate.

service bind9 restart

1 Like

Question 1 to be asked do you host DNS your self?

Thanks for all

The mistake was in DNS config because of missing NS registers in Hestia, the solution was add NS registers and A with domains names pointing to the server IP

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.