Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: coder-gage.dev
I ran this command: certbot certonly -d coder-gage.dev --server "https://dv.acme-v02.api.pki.goog/directory" --standalone
It produced this output:
Requesting a certificate for coder-gage.dev
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Detail: DNS look-up of coder-gage.dev returned no results.
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
My web server is (include version): Don't know
The operating system my web server runs on is (include version): Don't know
My hosting provider, if applicable, is: Google Domains
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 2.6.0
If you have a question, it'd be good for you to ask it, rather than to leave us to infer it from the error message you received. But in this case it's pretty clear, as is the resolution: there are no DNS records for your domain. You'll need to create them.
What and how did you create them?
Google's DNS servers don't seem to think so:
dan@Dan-MBP-2019 ~ dig @ns-cloud-a3.googledomains.com coder-gage.dev
; <<>> DiG 9.10.6 <<>> @ns-cloud-a3.googledomains.com coder-gage.dev
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17196
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;coder-gage.dev. IN A
;; AUTHORITY SECTION:
coder-gage.dev. 300 IN SOA ns-cloud-a1.googledomains.com. cloud-dns-hostmaster.google.com. 3 21600 3600 259200 300
;; Query time: 85 msec
;; SERVER: 188.8.131.52#53(184.108.40.206)
;; WHEN: Fri Jun 16 17:29:13 EDT 2023
;; MSG SIZE rcvd: 136
...and since they're authoritative for your domain, there's your problem.
Using Google domains. I clicked "Manage custom records", then I added a CNAME record for my website.
To setup a website you need to point your domain at the IP address of a server. So if you type your domain into Dig (DNS lookup) it should normally show an A record pointing to an IP address.
You can use CNAMEs pointing to other names (which eventually resolve to an IP address), but the DNS system currently says you don't have that either.
- get a DNS result showing up using dig first
- then try accessing your website using http - if the name doesn't resolve to a website you're not going to get a cert using http validation.
- then try setting up your certificate.
Please show that page and entry.
However, the first two links work as https without the certificate, but the last one doesn't.
The domain in your first post was your apex domain (or root domain). You were trying to get a cert using the HTTP Challenge method. That requires an A and/or AAAA record to reach your server. A CNAME is not allowed at the apex but could be used for your subdomains.
Right now I don't see any problem with the 3 subdomains from your most recent post. Two of them use Cloudflare CDN and give a proper response to HTTPS. The object-project domain uses netlify with a valid Let's Encrypt cert.
I'm not really sure what the problem is. It would help if you explained what you are trying to use that cert for. And, why you prefer a cert from Google rather than Let's Encrypt
I'm trying to add a subdomain as an alternative link to my GitBook website. It is for
tux-corp.coder-gage.dev, but fails to load the certificate.
that tux-corp domain cert looks fine to me.
I'm not familiar with that tool you show in last post so don't know what to say about that. And, I don't usually offer much help unless using Let's Encrypt certs which right now tux-corp is using Google CA
Maybe ask on a forum where you got that tool
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.