DNSSEC ISSUE - Invalid Cert - Glue Record - Gandi - Malfunction

All of the sudden my Mail In Box stopped running this evening. I can only reach it via the ip and I am getting the following error

Nameserver glue records are incorrect. The ns1.box.xxx.com and ns2.xxx.aupt-industries.com nameservers must be configured at your domain name registrar as having the IP address 159.xxx.xxx.122. They currently report addresses of [Not Set]/[Not Set]. It may take several hours for public DNS to update after a change.

This domain must resolve to your box’s IP address (159.xxx.xx.122 / 2604:xxx:x1:x::27:b001) in public DNS but it currently resolves to [Not Set] / [Not Set]. It may take several hours for public DNS to update after a change. This problem may result from other issues listed above.

I checked my glue records with Gandi and they seem to be working

I have run sudo mailinabox to make sure everything is running.

and I get the following:

Please log in to the control panel for further instructions at:


You will be alerted that the website has an invalid certificate. Check that
the certificate fingerprint matches:


Then you can confirm the security exception and continue.

I have tested using mx-toolbox to makesure the dns and on the box is working and its appears to be working.

Any ideas.

I got the system up in running has to do with the DNSSEC record. I had to remove my DNSSEC record from Gandi.

Tried to re-install the DNSSEC record and the system failed again.

Everything works great except the following:

  1. DANE TLSA Incorrect Issue
  2. I cannot set the DNSSEC

Any ideas?

I got to the bottom of this. There was an old certificate issued via Gandi - which I did not revoke. One this was revoked and the DNSSEC was re-added and it works.