Symptoms
If you are experiencing many errors similar to the ones below during an AutoSSL check, it is very likely that your server cannot reach the root DNS servers.
DNS query error (www.cpanel-support-testing.tld/NS): (XID ya7pk3) DNS request timeout: www.cpanel-support-testing.tld/NS
DNS does not manage “www.cpanel-support-testing.tld”.
DNS query error (mail.cpanel-support-testing.tld/NS): (XID 9prutc) DNS request timeout: mail.cpanel-support-testing.tld/NS
DNS does not manage “mail.cpanel-support-testing.tld”.
DNS query error (cpanel.cpanel-support-testing.tld/NS): (XID msu343) DNS request timeout: cpanel.cpanel-support-testing.tld/NS
DNS does not manage “cpanel.cpanel-support-testing.tld”.
Description
One of the likely culprits to this error above is that your server cannot connect to the root nameservers. For example, a.root-servers.net. During an AutoSSL check, If your server is not able to reach 3 of the root DNS servers then your server automatically stops checking. This will cause AutoSSL to stop working.
This was likely done by your hosting provider to prevent a DDoS attack, but this is not the proper way to do so. cPanel servers require the use of these root nameservers for many functions. Including WHM account creation, as well as AutoSSL, and licensing.
Workaround
You can run this command on the server's command line or terminal to confirm if your server can reach the root nameservers:
for i in {a..m}; do echo -n "$i.root-servers.net: "; dig -4 "$i".root-servers.net @"$i".root-servers.net +short;done
If you are not able to reach the root nameservers, or are only able to reach a few of them, you may see this error: connection timed out; no servers could be reached
next to the nameserver that failed.
If this is the case, please check that your firewall and network is able to reach the servers. If you are not able to resolve this yourself, it is highly suggested you contact your hosting provider or datacenter to investigate this for your further.
Comments
0 comments
Article is closed for comments.