I’m not sure what problem we’re talking about here, this thread is kind of chaotic, but you need to have glue records are your registrar for every domain that point to your DNS servers (and, if the DNS servers are managed by Virtualmin and a secondary managed by Webmin, then Virtualmin will create all the necessary records for the services it believes you want). But, glue records don’t come from the Virtualmin server and Virtualmin can’t change them. They’re at your registrar and they need to be configured at your registrar. Nothing Virtualmin can do about them.
I’m not familiar with the terminology, but my domain is pointing to the DNS server on my host:
I have two other virual hosts/domains that are working on the same host.
Let’s enrypt works for the other virtual servers, but I get this:
Domain: nimitz85.com
Type: dns
Detail: DNS problem: looking up A for nimitz85.com: DNSSEC: Bogus: validation failure <nimitz85.com. A IN>: no keys have a DS with algorithm ECDSAP256SHA256 from 69.48.205.20 for key nimitz85.com. while building chain of trust; DNS problem: looking up AAAA for nimitz85.com: DNSSEC: Bogus: validation failure <nimitz85.com. AAAA IN>: no keys have a DS with algorithm ECDSAP256SHA256 from 69.48.205.20 for key nimitz85.com. while building chain of trust
Dig on that domain comes up empty. Like Joe said, this is chaotic but have we done this check?
root@main:~# named-checkconf /etc/bind/named.conf /etc/bind/named.conf.options:30: option 'dnssec-enable' is obsolete and should be removed
Note the ‘check bind config’ option.
Whois does show:
Name Server: NS1.XPALM.COM
Name Server: NS2.XPALM.COM
Seem like you have DNSSEC setup that need keys. Turn this option off. That make life more complicated,
I’m not sure where you have added this, could be registrar (most likely) or in virtualmin.
Someone else may have experience with this I never use it.
There is mention of cloudflare there.
If it is in virtualmin disable here.
Thanks for everyone’s effort.
The RCA is I had previously set all the DNS records set at Godaddy, When I changed it to the two DNS servers, godaddy retained the DS records for the domain, causing the problems.
I set it back to the details, deleted all the records and then set it back to just the 2 name servers.
Thanks again
1 Like
Thank you for letting us know the resolution.
1 Like
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.