Operating system:Ubuntu Linux
OS version: 20.04.2
Good evening guys,
I made a default install of Virtualmin on Ubuntu Cloud Server. When asked for the hostname and default domain in the installer I entered host.domain.com
BIND created a single zone host.domain.com which doesn’t seem to want to authenticate with LetsEncrypt for an SSL cert via either HTTP or DNS, possibly due to the zone chain being broken? LetsEncrypt gives DNS errors when trying to request the cert while DNS lookups anywhere else have no problems.
When DNSSEC was enabled this instantly started causing problems too as there was no zone in between host.domain.com and .com as such I created a domain.com zone to complete the DNSSEC authentication chain. How should delegation records be added in the parent zone exactly? Whatever I add is throwing up the following error when authenticating the DNSSEC chain:
domain.com to host.domain.com: No delegation NS records were detected in the parent zone (domain.com). This results in an NXDOMAIN response to a DS query (for DNSSEC).
Hopefully once this is resolved LetsEncrypt will start to resolve the ns.domain.com servers and issue SSL certs for the host.domain.com
Any ideas?
Cheers