No CNAME found while they all worked before

Hosting Support
1

Website URL

(please specify the URL of the site on which you are experiencing the problem)

Error Message

(no CNAME found) not Ready

Other Information

(other information and details relevant to your question)

Try to renew certificates.
Renew, so the CNAME was correct all the previous renewals.

But today, on every domain we want to renew, there is this error, while all domains have the correct CNAME setup long long time ago

Assumingly there is an issue on the infinity side, if not, what else can be done from our side ?

2

Would you mind sharing your domain name so we can verify that your CNAME record is actually setup correctly?

5 Likes
3

whoc.dog
romagility.dog
just two examples.

Meanwhile things got more crazy because at a certain point the message was that the CNAME was OK, we could request the certificate and then the message returned: Please set up the following CNAME record on your domain name.

4

image
image829×243 13.6 KB

5

So here is what happens now:
Certificate is valid, after request it says it is invalid:

image
image846×484 23.4 KB

6

And things are getting more crazy:
The domain name needs to be validated first.
and
The CNAME record is set up correctly!

in de same window

image
image823×240 11.4 KB

8

Hmm, I can see how that’s strange behavior.

As far as I can tell, this is just a DNS caching issue. The client area uses multiple DNS resolvers to check whether the CNAME record is in place, and it’s possible that one of them may have the CNAME record and the other does not.

Please give it an hour or two and try again then.

7 Likes
9

The CNAME records are set at least 90 days ago, because it are renewals, not new first time certificates

10

I checked our logs, and I see that some of the SSL orders you attempted to submit failed because Let’s Encrypt couldn’t complete the DNS verification. This can sometimes be caused by the required TXT records not being setup in time on our end (in the nameservers that the CNAME records points to), or the CNAME record itself not being found.

Given that our CNAME check was also returning inconsistent results, I think the most likely reason is that your nameservers were not consistently returning the CNAME record. But your domain is not using our nameservers, so it’s hard for me to say how reliable or consistent the nameservers of your domain are.

5 Likes
11

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.