Failed to renew TLS certificate (no apparent cause)

Site name: distracted-keller-67ab56.netlify.app

I recently got an email with the the following error message:

SniCertificate::CertificateNonvalidError: Unable to verify challenge for asexuality-handbook.com: 64.98.145.30: Invalid response from http://asexuality-handbook.com/.well-known/acme-challenge/BLdWhGqd5y9Zw6JXW9S61n89RImREQ4RvHRK_5DbsGs: "\n\n\n\n

I have not been able to resolve this error. I looked at some of the similar topics on this forum but none of them seem quite the same – in particular, I haven’t changed any DNS settings for the site, and previously it was working just fine.

Thanks.

Hey @LukeGompertz

I see two A records for asexuality-handbook.com

% dig asexuality-handbook.com A
asexuality-handbook.com. 271	IN	A	64.98.145.30
asexuality-handbook.com. 271	IN	A	75.2.60.5

The second record (listed above) is correct as per configure external DNS documentation. The first record is not. Remove the A record for 64.98.145.30 and this should resolve the issue.

1 Like