- Newest
- Most votes
- Most comments
The issue you're experiencing is not related to the hyphen in your domain name, but rather appears to be a DNSSEC (Domain Name System Security Extensions) validation problem. DNSSEC is a set of extensions to DNS that provide authentication of DNS data, and in your case, it seems that the DNSSEC validation is failing.
The error messages indicate that there are missing DNSKEY records, which are crucial for DNSSEC validation. This suggests that either DNSSEC is not properly configured for your domain, or there might be issues with the DNSSEC setup at your domain registrar or DNS provider.
To resolve this issue, you should:
-
Check with your domain registrar or DNS provider to ensure that DNSSEC is properly configured for your domain. If it's not needed, you might consider disabling DNSSEC temporarily to see if that resolves the issue.
-
If DNSSEC is required, work with your DNS provider to correct the DNSSEC configuration, ensuring all necessary records (including DNSKEY records) are present and correct.
-
Verify that your DNS records (A and AAAA records) for both the apex domain (mbc-rei.com) and the www subdomain (www.mbc-rei.com) are correctly set up and pointing to your Lightsail instance's IP address.
-
After making any changes to your DNS or DNSSEC configuration, allow some time for the changes to propagate before attempting the bncert process again.
-
If you continue to face issues, you might want to consider using an alternative method for obtaining an SSL/TLS certificate, such as manually using Certbot, which offers more control over the certificate issuance process.
Remember that the bncert tool is designed to simplify the process of obtaining and installing SSL/TLS certificates, but it may not handle all edge cases, especially when dealing with complex DNS configurations like DNSSEC. If the problem persists after addressing the DNSSEC issues, you may need to consult with AWS support or consider alternative methods for securing your WordPress site with HTTPS on Lightsail.
Sources
Secure your WordPress site with HTTPS on Lightsail - Amazon Lightsail
Troubleshoot DNS validation problems - AWS Certificate Manager
Launch and configure a WordPress instance on Lightsail - Amazon Lightsail
Relevant content
- asked 3 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 24 days ago
Thank you for the insight. It does appear that the issue was the DNSSEC record still being intact with my registrar since lightsail doesn't seem to support that.