I started having email issues this morning and investigating, I find the LetsEncrypt validation is failing. Is this a known issue?
Requesting a certificate for andrews.com, www.andrews.com, mail.andrews.com from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log Requesting a certificate for andrews.com and 2 more domains Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems: Domain: andrews.com Type: unauthorized
(edited to remove ips)
Make sure you are only asking for the correct certs on each server? Requesting a certificate for andrews.com, www.andrews.com, mail.andrews.com from Let's Encrypt ..
Why are you hosting a separate email server? Waste of resources and money. Your email server should use the same certificate as your domain. Of course, it will throw an error since your other server manages your domain
It really isn’t helpful to question this kind of decision as we know nothing of the infrastructure and reasoning behind it. It is also off topic. Our goal is to help resolve the problem.
Remove mail.domain.tld from your web server. Add A record with your email server’s IP address. Request a certificate for mail.domain.tld on your email server. Make sure it is propagated around the world first. https://dnschecker.org/@christophera