DNS problem: SERVFAIL looking up A for personality.kg

June 20, 2018 220 views
Nginx Let's Encrypt Python Frameworks DNS Python Ubuntu 16.04

Hi! I am having problems setting up ssl encryption for my website. I've followed this tutorial and I am failing at step four on:

sudo certbot --nginx -d example.com -d www.example.com

With the following error:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for personality.kg
http-01 challenge for www.personality.kg
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. personality.kg (http-01): urn:acme:error:dns :: DNS problem: SERVFAIL looking up A for personality.kg

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: personality.kg
   Type:   None
   Detail: DNS problem: SERVFAIL looking up A for personality.kg

I've also got the same error, but about CAA record for some reason.

I have two A records for personality.kg and www.personality kg, which correctly point to the droplet's IP adress. I've checked this using:

dig +short @ns1.digitalocean.com personality.kg

Here is my nginx config file located in sites-enabled directory, I've removed the default one:

server {
listen 81;
real_ip_header X-Forwarded-For;
set_real_ip_from 128.0.0.1;
server_name personality.kg www.personality.kg;

root /var/www/html/psycho-test-rest/psycho_front/dist;

location /download_report/ {
root /var/www/html/psycho-test-rest/psycho_front/user-results;
try_files $uri /resultsdownload.html;
}

location ~ ^/(tests|CRUD)/ {
include uwsgi_params;
uwsgi_pass unix:/var/www/html/psycho-test-rest/socket.sock;
uwsgi_modifier2 30;
}

error_page 405 =200 /index.html;
location = /405.html {
root /usr/share/nginx/html;
}

error_page 501 502 503 504 /50x.html;
location = /51x.html {
root /usr/share/nginx/html;
}
}

Is there a way to fix this?

1 Answer

It turns out I just had to wait for couple of hours. Not all DNS records updated.

Have another answer? Share your knowledge.