Let’s Encrypt installation error on Plesk server: DNS problem: NXDOMAIN looking up A

Symptoms

• The following error occurs on an attempt to secure domain/subdomain/alias with Let's Encrypt via Domains > example.com > SSL/TLS Certificates:

  Detail: DNS problem: NXDOMAIN looking up A for alias.example.com

  Detail: DNS problem: query timed out looking up A for alias.example.com

• The following may be seen on the notification taskbar:

  An issue occurred while securing the domain example.com:
  The certificate has been issued. Some alternative domain names were excluded.
  Domains that have not been secured are listed below. Please secure them manually.
  · www.example.com
  · webmail.example.com
  · alias.example.com 

• The domain from the error, alias.example.com in this example, cannot be resolved globally.

  Note: The error may also occur for the webmail.example.com and for the domain with www prefix, e.g. www.example.com.

Cause

Missing DNS record

Resolution

Use one of the following solutions:

• Correct DNS settings:

  • If Plesk is used as DNS server, add the required records as described in the following article How to add a DNS record for a domain in Plesk

  • In case if DNS are hosted outside of Plesk, create the records on the DNS registrars side.

    Note: after correcting DNS settings, it is required to wait until a DNS zone is propagated through the Internet. It may take up to 48 hours.

• Secure only main domain, e.g example.com:

  1. Log into Plesk.

  2. Open Domains > example.com > SSL/TLS Certificates > Install(at the bottom) and leave only Secure the domain name checkbox toggled and issue the certificate: