404 error when generating cert

ninety6days · July 3, 2023, 10:36pm

Hi all, have been trying to generate certs but no joy. Have checked, site is accessible via browser on HTTP. Ran letsdebug, it found no problems. Bit of a novice, all advice appreciated.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: soapbox.ie

I ran this command: sudo certbot certonly --apache -v

It produced this output:Requesting a certificate for soapbox.ie and www.soapbox.ie
Performing the following challenges:
http-01 challenge for soapbox.ie
Waiting for verification...
Challenge failed for domain soapbox.ie
http-01 challenge for soapbox.ie

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: soapbox.ie
Type: unauthorized
Detail: 78.153.212.172: Invalid response from http://soapbox.ie/.well-known/acme-challenge/uGLVSXcruLcJWHI7qAlS4kFvZF3vQxpoIAKd26kMUJ4: 404

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Cleaning up challenges
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Apache 2.4.55

The operating system my web server runs on is (include version): Ubuntu 23.04

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): NO

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): .2.6.0

MikeMcQ · July 3, 2023, 10:57pm

Welcome to the community @ninety6days

You did some good checking already so let's look more into Apache. Can you show result of this

sudo apache2ctl -t -D DUMP_VHOSTS

I'll be offline for a bit but any other volunteer will find that info helpful. I just couldn't help reply to an .ie domain

ninety6days · July 4, 2023, 1:00pm

Hey thanks for getting back so quickly Mike! Output below

VirtualHost configuration:
*:443 soapbox.ie (/et
c/apache2/sites-enabled/soapbox.ie.con
f:21)
*:80 soapbox.ie (/et
c/apache2/sites-enabled/soapbox.ie.con
f:36)

ninety6days · July 4, 2023, 1:01pm

Im sure it didnt need saying but the IP above starting in 78 is my domain registrar.

MikeMcQ · July 4, 2023, 2:12pm

Glad you did say because your DNS A record should have the public IP for your Apache server. Might that be 86.41.90.54 ?

PS: I got a good laugh from your placeholder

ninety6days · July 4, 2023, 2:58pm

Glad to bring a little mirth!!

Yeah the 86 is where im hosting.

MikeMcQ · July 4, 2023, 3:02pm

After you change the A record IP you only have to wait for your registrar's authoritative DNS servers to sync. You do not have to wait for worldwide DNS propagation.

Once the below command shows your 86 address you can try getting a cert again (or, use unboundtest.com)

dig +noall +answer soapbox.ie @ns1.blacknight.com
soapbox.ie.             3600    IN      A       78.153.212.172

ninety6days · July 4, 2023, 9:22pm

Okay, thanks for help so far. Took your advice, command still gives backthe 78. I assume there's nothing i can do here except wait?

Tried unbound test, results are below :

Query results for CAA soapbox.ie

Response:
;; opcode: QUERY, status: NOERROR, id: 32800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version 0; flags: do; udp: 512

;; QUESTION SECTION:
;soapbox.ie. IN CAA

;; AUTHORITY SECTION:
soapbox.ie. 0 IN SOA ns1.blacknight.com. hostmaster.blacknight.com. 1275125879 14400 7200 2419200 3600

----- Unbound logs -----
Jul 04 21:14:29 unbound[592010:0] notice: init module 0: validator
Jul 04 21:14:29 unbound[592010:0] notice: init module 1: iterator
Jul 04 21:14:29 unbound[592010:0] info: start of service (unbound 1.16.3).
Jul 04 21:14:30 unbound[592010:0] info: 127.0.0.1 soapbox.ie. CAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving soapbox.ie. CAA IN
Jul 04 21:14:30 unbound[592010:0] info: priming . IN NS
Jul 04 21:14:30 unbound[592010:0] info: response for . NS IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <.> 199.7.83.42#53
Jul 04 21:14:30 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:30 unbound[592010:0] info: priming successful for . NS IN
Jul 04 21:14:30 unbound[592010:0] info: response for soapbox.ie. CAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <.> 2001:500:2d::d#53
Jul 04 21:14:30 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:30 unbound[592010:0] info: resolving g.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving h.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving d.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving h.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving g.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving i.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving c.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving e.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving d.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving e.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving c.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving i.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving a.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: response for soapbox.ie. CAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:30 unbound[592010:0] info: resolving ns1.blacknight.com. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving ns2.blacknight.com. A IN
Jul 04 21:14:30 unbound[592010:0] info: resolving ns2.blacknight.com. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: resolving ns1.blacknight.com. A IN
Jul 04 21:14:30 unbound[592010:0] info: response for a.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for c.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for e.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for d.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for i.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for h.ns.ie. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:30 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:30 unbound[592010:0] info: response for ns2.blacknight.com. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <.> 192.203.230.10#53
Jul 04 21:14:30 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:30 unbound[592010:0] info: response for ns2.blacknight.com. A IN
Jul 04 21:14:30 unbound[592010:0] info: reply from <com.> 2001:502:8cc::30#53
Jul 04 21:14:30 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for a.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for d.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for c.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for h.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for i.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for e.ns.ie. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 194.146.106.98#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 2001:500:1::53#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <com.> 2001:503:39c1::30#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns2.blacknight.com. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 185.28.194.194#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for soapbox.ie. CAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <soapbox.ie.> 81.17.254.6#53
Jul 04 21:14:31 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:31 unbound[592010:0] info: prime trust anchor
Jul 04 21:14:31 unbound[592010:0] info: generate keytag query _ta-4f66. NULL IN
Jul 04 21:14:31 unbound[592010:0] info: resolving . DNSKEY IN
Jul 04 21:14:31 unbound[592010:0] info: priming . IN NS
Jul 04 21:14:31 unbound[592010:0] info: resolving _ta-4f66. NULL IN
Jul 04 21:14:31 unbound[592010:0] info: priming . IN NS
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 2001:500:9f::42#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns2.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 2001:500:9f::42#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <com.> 192.41.162.30#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns2.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <com.> 2001:503:39c1::30#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 185.28.194.194#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 2a00:fea0:dead::beef#53
Jul 04 21:14:31 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for ns1.blacknight.com. A IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 2a01:a8:dc3:3313::aaaa#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for ns2.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 78.153.212.176#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for . NS IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 193.0.14.129#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: priming successful for . NS IN
Jul 04 21:14:31 unbound[592010:0] info: priming successful for . NS IN
Jul 04 21:14:31 unbound[592010:0] info: response for _ta-4f66. NULL IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 192.33.4.12#53
Jul 04 21:14:31 unbound[592010:0] info: query response was NXDOMAIN ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for ns2.blacknight.com. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <blacknight.com.> 81.17.254.6#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for . DNSKEY IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 199.7.83.42#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: validate keys with anchor(DS): sec_status_secure
Jul 04 21:14:31 unbound[592010:0] info: Successfully primed trust anchor . DNSKEY IN
Jul 04 21:14:31 unbound[592010:0] info: resolving ie. DS IN
Jul 04 21:14:31 unbound[592010:0] info: response for ie. DS IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 2001:7fd::1#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:31 unbound[592010:0] info: validated DS ie. DS IN
Jul 04 21:14:31 unbound[592010:0] info: resolving ie. DNSKEY IN
Jul 04 21:14:31 unbound[592010:0] info: response for ie. DNSKEY IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <.> 192.33.4.12#53
Jul 04 21:14:31 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:31 unbound[592010:0] info: resolving a.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: response for a.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 2620:10a:80ac::210#53
Jul 04 21:14:31 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:31 unbound[592010:0] info: response for a.ns.ie. AAAA IN
Jul 04 21:14:31 unbound[592010:0] info: reply from <ie.> 185.159.199.210#53
Jul 04 21:14:31 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for ie. DNSKEY IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 192.111.39.100#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: validated DNSKEY ie. DNSKEY IN
Jul 04 21:14:32 unbound[592010:0] info: resolving soapbox.ie. DS IN
Jul 04 21:14:32 unbound[592010:0] info: priming . IN NS
Jul 04 21:14:32 unbound[592010:0] info: response for a.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2001:7c8:2:a::64#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for . NS IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <.> 2001:500:200::b#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: priming successful for . NS IN
Jul 04 21:14:32 unbound[592010:0] info: response for soapbox.ie. DS IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <.> 2001:dc3::35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was REFERRAL
Jul 04 21:14:32 unbound[592010:0] info: resolving c.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving c.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: resolving e.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: resolving h.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: resolving e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving g.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving h.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: resolving i.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving d.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: resolving d.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: resolving a.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for a.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for d.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: resolving e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: response for h.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for c.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for a.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for d.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2620:10a:80ac::210#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: resolving g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.146.106.98#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for c.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for d.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 185.159.199.210#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for h.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. A IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for g.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for h.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 194.0.25.35#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for c.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 77.72.229.245#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for e.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for i.ns.ie. AAAA IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was ANSWER
Jul 04 21:14:32 unbound[592010:0] info: response for soapbox.ie. DS IN
Jul 04 21:14:32 unbound[592010:0] info: reply from <ie.> 2a01:4b0::40#53
Jul 04 21:14:32 unbound[592010:0] info: query response was nodata ANSWER
Jul 04 21:14:32 unbound[592010:0] info: NSEC3s for the referral proved no DS.
Jul 04 21:14:32 unbound[592010:0] info: Verified that unsigned response is INSECURE

MikeMcQ · July 4, 2023, 9:25pm

You need to go on your domain registrar site and change the IP address in the A record

That dig command should show the correct result very quickly (seconds maybe minutes)

ninety6days · July 4, 2023, 9:58pm

So this is what has me confused. Right now i have three A records as follows:

||A|www.soapbox.ie.|86.41.90.54|3600|Manual| Active| Yes|
| |A|www.soapbox.ie.|78.153.212.172|3600|System| Active| Yes|
| |A|soapbox.ie.|78.153.212.172|3600|System| Active| Yes|

But removing the ones pointing to the registrar seems counterintuitive, as both www.soapbox.ie and soapbox.ie lead to my placeholder page so....I'm absolutely not saying you're mistaken, I just don't understand why you're correct. Is there ay chance you could explain it to me?

MikeMcQ · July 4, 2023, 10:25pm

Any client (like a browser) on the public internet uses your domain name to lookup your IP address. It is the IP address that dictates what that client will connect to. Your domain name is a friendly way to describe your IP.

So, your DNS A record should have the IP of your server. It may have been fine to have it point to your registrar for their parking page at one time. But, now that you want people to reach your Apache server it should be your public IP.

Your www domain has 2 IP addresses. So, someone looking up your domain name in the DNS will use one or the other. In some more complex setups multiple IP addresses are fine. But, in your case you just have the one server so it is not. If someone is lucky and gets your 86 address from the DNS lookup they reach your server. If they get the 78 address they get your registrar's site.

In your first post you didn't get an error for the www domain. That was just luck that it used the 86 address that time.

Maybe the below helps to visualize what happens. In this case I am using the client program curl to make an HTTP request. I am using the actual IP addresses to show the different results people would get with your www domain and its 2 IP addresses:

(this is your server.  Page has comments about Jimi and Jonah)
curl -I 86.41.90.54
HTTP/1.1 200 OK
Server: Apache/2.4.55 (Ubuntu)
Content-Length: 396

(note no version in Server, an X-SERVER header, and different content-length)
(this is their Domain Default Page)
curl -I 78.153.212.172
HTTP/1.1 200 OK
Server: Apache
X-SERVER: 3242
Content-Length: 1674

ninety6days · July 4, 2023, 10:57pm

Thank you so much, that makes sense.

ninety6days · July 4, 2023, 10:59pm

Aaaaand it worked a charm. Thanks Mike!

MikeMcQ · July 4, 2023, 11:04pm

Now you just have to configure your HTTPS (port 443) VirtualHost

Had you left off "certonly" the --apache plug-in would have made one for you. And, setup redirects from HTTP to HTTPS. But, updating Apache by hand is fine too. Cheers

ninety6days · July 4, 2023, 11:16pm

As you were replying i got there - a cert deployed here, the conf edited to autodirect to 443 there...and were all set. Thanks again!

system · August 3, 2023, 11:17pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Some challenges are failed Help	17	247	August 5, 2024
Failure to repeatedly generate certificates Help	6	1025	January 7, 2022
Help cant get ssl certs Help	3	492	March 17, 2023
I am not able to generate cert Help	4	539	November 22, 2023
Certbot - 404 Invalid Response From Can't get certificate Help	6	573	January 2, 2021

404 error when generating cert

Related topics