Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes we did dig @208.67.220.220 -t CNAME <ssl-endpoint>.herokussl.com. And we got the following SERVFAIL error:

; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: <id> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION: ;<end-point>.herokussl.com. IN CNAME

;; Query time: 1226 msec ;; SERVER: <server>#53(<server>) ;; WHEN: Fri Oct 21 12:27:55 2016 ;; MSG SIZE rcvd: 44



try nslookup your-SSL-endpoint.herokussl.com

the dig command does not work for me either...

=================================

nslookup iwate-2009.herokussl.com Server: 208.67.222.222 Address: 208.67.222.222#53

Non-authoritative answer: iwate-2009.herokussl.com canonical name = elb030330-152447250.us-east-1.elb.amazonaws.com. Name: elb030330-152447250.us-east-1.elb.amazonaws.com Address: 54.225.242.254 Name: elb030330-152447250.us-east-1.elb.amazonaws.com Address: 54.225.217.226 Name: elb030330-152447250.us-east-1.elb.amazonaws.com Address: 54.235.181.244


In that case I get:

;; Got SERVFAIL reply from 10.17.100.2, trying next server Server: 10.17.100.2 Address: 10.17.100.2#53

server can't find <sslendpoint>.herokussl.com: NXDOMAIN


maybe try this and replace w/ ur sslendpoint? see if that works? this works for me.

http://network-tools.com/nslook/Default.asp?domain=iwate-200...


Ok figured it out. It was actually an issue with cloudflare being affected by the Dyn issue, rather than a heroku-ssl problem. Thanks for the help.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: