LetEncrypt query timed out looking up CAA. Work-a-round

Written by James McDonald

April 27, 2017

Annoying problem with LetsEncrypt when running
./certbot-auto renew

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: test.example.com.au
   Type:   connection
   Detail: DNS problem: query timed out looking up CAA for
   test.example.com.au

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

 

For some reason if you try and renew a cert with two domains in it you get the annoying error above. So try this:

./certbot-auto certonly --webroot -w /var/www/test/ -d test.example.com.au

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...