Domain has DNS records pointing to server and website is live, yet can't complete DCV.

I have many domains on my VPS and they are all covered by AutoSSL, yet one won't pass the Domain Control Verification.

The domain is literally live right now to the world, yet when I run AutoSSL it won't issue an SSL for this specific domain.

I have an A Record pointing to my server, which makes the domain live. The MX records are left to what they were before (pointing to G Suite), and there are also some NS (Delegated subdomain name server) records pointing the www version to my two nameservers.

Am I doing something wrong? I figured instead of changing the overall nameservers and then adding MX records back on my end, I would just leave my clients already configured MX records on their domain registrars end and just add an A record to point to my server.

 

Yes! And I am very confused with the results.

It actually doesn't even list the domain by itself in the logs, it just lists a bunch of subdomains that can't be verified (changed for security reasons):

8:17:15 AM The website “oldsubdomainfortesting.maindomain.com”, owned by “user”, has a faulty SSL certificate (OPENSSL_VERIFY:0:18:DEPTH_ZERO_SELF_SIGNED_CERT NOT_ALL_DOMAINS). AutoSSL will attempt to replace this certificate.
8:17:16 AM WARN The domain “mail.livedomain.ca” failed domain control validation: “mail.livedomain.ca” does not resolve to any IPv4 addresses on the internet.
8:17:16 AM WARN The domain “whm.livedomain.ca” failed domain control validation: “whm.livedomain.ca” does not resolve to any IPv4 addresses on the internet.
8:17:16 AM WARN The domain “cpanel.livedomain.ca” failed domain control validation: “cpanel.livedomain.ca” does not resolve to any IPv4 addresses on the internet.
8:17:16 AM WARN The domain “webdisk.livedomain.ca” failed domain control validation: “webdisk.livedomain.ca” does not resolve to any IPv4 addresses on the internet.
8:17:16 AM WARN The domain “webmail.livedomain.ca” failed domain control validation: “webmail.livedomain.ca” does not resolve to any IPv4 addresses on the internet.
8:17:16 AM WARN AutoSSL will defer the renewal of “oldsubdomainfortesting.maindomain.com”’s certificate because 1 domain (mail.livedomain.ca) that the current certificate secures failed DCV. If AutoSSL renewed the certificate now, that domain would lose SSL coverage. AutoSSL will defer “oldsubdomainfortesting.maindomain.com”’s certificate renewal until 11/11/18, 7:03 PM UTC (3 days before expiry) or until all of “oldsubdomainfortesting.maindomain.com”’s currently secured domains pass DCV. at bin/autossl_check.pl line 500, <DATA> line 1.
​

So I am just all-around confused.

The website “oldsubdomainfortesting.maindomain.com” redirects to "livedomain.ca", and that website is currently live right now on my server, public, with no SSL certificate

 

I'm not really sure what the dig command means I think I'll open a ticket, thanks!