My domain is pending state,I cannt apply ssl certificate through acme

My domain name is always pending. Please help me check it. One domain name is: 007z.xyz and the other domain name is vofvendetta.xyz. I do n’t know why it is always pending, but I can use nslookup to resolve it to my IP Why is it still pending? Then I applied for an ssl certificate through the acme command, but told me that my domain name was pending and I still could n’t get the certificate.

Both domains are not properly configured but still have one of the original nameservers set. Only set Cloudflare nameservers to have it validated on Cloudflare.

before I have already modified namesilo DNS nameserver as cloudflare DNS,but my cloudflare domain still was pending state. how do I set Cloudflare nameservers to have it validated on Cloudflare?


1 Like

on namesilo website I set cloudflare DNS to namesilo Nameserver. your mean that namesilo nameserver modify as one cloudflare DNS and are the other nameserver deledted?please watch my picture.
you said “still have one of the original nameservers set.” please you tell me that how to make original nameservers set.

Your screenshot shows exactly what I was referring to. Please re-read my original response

now I delete namesilo Nameserver as ns3.dnsowl.com,I wait cloudflare nameserver automatically flush refresh? next step I will how to do?


Now it is correctly set and should eventually validate on Cloudflare.

I still have a question. The domain name that I applied on namesilo was analyzed and placed on cloudflare. Then, is the certificate generated on cloudflare or on namesilo?
I used amce tool to access cloudflare through DNS API, but it always fails. Why is that?
----------------------------------cloudflare DNS API example----------------------

Using the new cloudflare api token

export CF_Token="sdfsdfsdfljlbjkljlkjsdfoiwje"
export CF_Account_ID="xxxxxxxxxxxxx"

In order to use the new token, the token currently needs access read access to Zone.Zone, and write access to Zone.DNS, across all Zones. See Issue #2398 for more info.

Ok, let’s issue a cert now:

acme.sh --issue --dns dns_cf -d example.com -d www.example.com

The CF_Key and CF_Email or CF_Token and CF_Account_ID will be saved in ~/.acme.sh/account.conf and will be reused when needed.

I use the method above.acme return error.

Not sure about your question. If you are referring to an SSL certificate, you will need this on your server. Not Cloudflare nor Namesilo (unless Namesilo is also your host).

another question: now cloudflare DNS resolved my domain fails.please watch my picture.

Please check out support.cloudflare.com and #Tutorials. All of that is covered there already.

I think whether the DNS address of the VPS server should be changed to 1.1.1.1, you see my picture, it is now 8.8.8.8

That is not related to your resolver. Again, please check out the tutorials.

1 Like

Hi @zhang007z1, in addition to the #Tutorials @sandro suggests, perhaps brush up on the #setup (Getting Started) docs listed in this post, Expert Tip - Getting Started From the Help Center. Domain shows as active now and the extra nameserver has been removed.

After reviewing the #setup guides and #Tutorials, make sure you have an A record named vofvendetta.xyz (use @ and it will revert to the name) that points to your origin IP address, that record should be :orange:.

Hint - Check item 4 in this #CommunityTip, Community Tip - Fixing the DNS PROBE FINISHED NXDOMAIN error

I don’t add @ value,this problem results in nslookup tool resolved these subdomain fail?because these subdomain have defferent the value of IP address.if I add @ to this table,which value of IP address is set to @ txt record? May I set any one IP address to @ record?

I have already add @ to two domains of 007z.xyz and vofvendetta.xyz,because An hour has passed and two domains resolved still has no effect.please you make re-check operation for me. thanks in advance.

I don’t think I’m tracking at all with what you just asked, sorry :frowning:. The 007 domain is active and vofvendetta.xyz is pending. The pending zone may be affected by an ICANN transfer prohibited visible with a whois:

$ whois vofvendetta.xyz
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited

https://www.whatsmydns.net/#NS/vofvendetta.xyz

From https://thenewstack.io/risks-dns-hijacking-serious-take-countermeasures/:orange:

clientDeleteProhibited, clientUpdateProhibited and clientTransferProhibited at the registrar level and serverDeleteProhibited, serverUpdateProhibited and serverTransferProhibited at the registry level.

As their names imply, these flags will prevent domain names from being deleted, transferred or updated — including having their nameservers changed