DigitalOcean

Report this

What is the reason for this report?
Question

Can´t add LetsEncrypt certificate on Load balancer for new subdomain

Posted on October 26, 2018
Let's Encrypt
Ubuntu 16.04
Load Balancing
JavierL

By JavierL

Hi. I’m having a really hard time trying to figure this out, so far nothing has worked

I currently have a DO load balancer in front of two small droplets. I have a subdomain (beta.example.com) pointed to the the LB which performs SSL termination. The SSL cert for the LB is generated by digital ocean automatically from Let’s Encrypt (using the simple two-click setup). This has been working fine since I set it up 2-3 months ago.

Today, I created a new subdomain (new.example.com) with an A record pointed to the same load balancer (in the meantime, I changed nginx configuration in my droplets so they would take the traffic to the new subdomain). (The parent domain, example.com, was purchased from namecheap, and points to DO nameservers as it always has)

When I tried to create (using the same super simple two click setup) a new SSL cert for the load balancer that would work with the new subdomain (as the previous had been only created for beta.example.com and www.example.com), I couldn’t complete the process because I got an error “No NS records found for example.com domain.” (even though they are all set, for months now)… I inspected the XHR traffic (request and response) when trying to complete the process, and DO’s response comes as HTTP 422 (Unprocessable Entity) with the above message.

I tried removing and re-adding the NS records for my domain, still the same error. I tried creating a subdomain on other domains I’ve hosted in my account using the same process, and got the same error. Tried spinning up an entirely new loadbalancer with a new subdomain, same error.

The thing is I need to promote my website to production, but it’s not good marketing to host it under a “beta” subdomain unless it’s 2005 and you’re google :)

If anyone helps me figure it out, I’ll owe you a beer if you come to Chile :)

EDIT: FWIW, if I go into a dev box I have on a totally different hosting provider and run dig NS example.com, the answer section correctly returns digitalocean’s nameservers as expected (ns1.digitalocean.com, ns2.digitalocean.com, ns3.digitalocean.com)



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
fiftylinesofcode
fiftylinesofcode
October 27, 2018

I’m getting the exact same error “No NS records found for … domain.” when trying to add a new certificate.

0
JavierL
JavierL
October 28, 2018

Update: I got word back from DO support and I was told that there was a bug in the backend that got fixed late saturday/early sunday. It’s now working fine :)

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.