Skip to main content

SERVFAIL (2) SSL HOSTNAME

Comments

5 comments

  • cPRex Jurassic Moderator

    Hey there!  If you run this command on the server does it return the correct IP address for the hostname?

    /scripts/cpdig your.servers.hostname A
    0
  • lm s

    Thank you very much for responding. If I run it with the full hostname, it returns the correct IP. If I run the domain name but without the subdomain, it does not return an IP. Does Lets Encrypt require that the domain (and not just the hostname subdomain) point to the same IP?

    0
  • cPRex Jurassic Moderator

    No, there is no requirement for the domain and hostname to share an IP address.

    Is there anything odd related to that domain when you scan it with a tool like intodns.com?  If not, it's usually best to create a ticket for these issues as that seems to provide better and faster results than trying to guess at potential problems over the Forum.

    0
  • lm s

    Update: I have added glue records for the NS, and I also created a new DNS zone on the server for the hostname domain (in addition to the DNS zone that already existed for the subdomain hostname). This way, Let's Encrypt stopped returning a 400 error and was able to validate the domain and generate a new SSL certificate for the server.

    0
  • cPRex Jurassic Moderator

    The issue with the glue records likely would have showed up with a tool such as intodns.com, which is always a great way to ensure there are no issues with any portion of your DNS configuration.

    0

Please sign in to leave a comment.