Can't create Certificate for my domain

My domain is: diamondmine.xyz

I ran this command: certbot certonly --nginx -d panel.diamondmine.xyz

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for panel.diamondmine.xyz

Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
  Domain: panel.diamondmine.xyz
  Type:   dns
  Detail: DNS problem: NXDOMAIN looking up A for panel.diamondmine.xyz - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for panel.diamondmine.xyz - check that a DNS record exists for this domain

Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

The operating system my web server runs on is (include version): Ubuntu 22.04.3 LTS

My hosting provider, if applicable, is: hetzner

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.21.0

The --nginx plug-in uses the HTTP Challenge to validate your domain. But, as the error explains, you do not have an A (and/or AAAA) record in your DNS with your public IP. The Let's Encrypt servers need that to locate your panel server. And, anyone else on the internet would need that too.

You have an A record for your root domain. But, not for your panel subdomain.

2 Likes

Thanks, I will see if I can try to migrate this to Cloudflare to see if the domain can work with a better DNS system, as it seems to always work from Cloudflare.

1 Like

I don't know why that would be necessary. Just add the appropriate A record (or AAAA record if you support IPv6) in the DNS panel.

Contact your DNS hosting provider for instructions but it should be pretty easy.

3 Likes

Too late, it's already at CF:

diamondmine.xyz nameserver = sreeni.ns.cloudflare.com
diamondmine.xyz nameserver = bryce.ns.cloudflare.com

And it shows an IP:

nslookup panel.diamondmine.xyz sreeni.ns.cloudflare.com
Server:  sreeni.ns.cloudflare.com
Address: 172.64.34.178
Name:    panel.diamondmine.xyz
Address: 116.202.160.229
3 Likes
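
A pre-flight check for the situation in this thread, added here as an example (it is not code from Certbot or from any poster): it asks each authoritative nameserver of the zone for A/AAAA records of the name before Certbot is run, which is the lookup the CA failed on. The function names `ns_for`, `lookup`, `check_http01_dns`, the exit codes, and the example.com / 203.0.113.10 values are assumptions of this example; it requires `dig`.

```shell
#!/bin/sh
# Pre-flight DNS check to run before `certbot certonly --nginx -d NAME`.
# ns_for, lookup and check_http01_dns are names made up for this example.

# Authoritative nameservers of ZONE, one per line.
ns_for() { dig +short NS "$1"; }

# Addresses of TYPE ($2: A or AAAA) for NAME ($1) as answered by SERVER ($3).
# dig +short also prints CNAME targets; keep only lines that are IP addresses.
lookup() {
    dig +short "@$3" "$1" "$2" |
        grep -E '^([0-9]+(\.[0-9]+){3}|[0-9A-Fa-f:]*:[0-9A-Fa-f:.]*)$' || true
}

# check_http01_dns NAME ZONE EXPECTED_IP
# Exit status: 0 every nameserver returns EXPECTED_IP
#              1 some nameserver has no A/AAAA record (NXDOMAIN or empty answer)
#              2 records exist but not EXPECTED_IP
#              3 ZONE has no NS records
# EXPECTED_IP is compared as text, so write IPv6 the way dig prints it.
check_http01_dns() (
    name=$1 zone=$2 want=$3 missing=0 mismatch=0
    servers=$(ns_for "$zone")
    [ -n "$servers" ] || { echo "no NS records for $zone"; exit 3; }
    for ns in $servers; do
        addrs=$(lookup "$name" A "$ns"; lookup "$name" AAAA "$ns")
        if [ -z "$addrs" ]; then
            echo "$ns: no A/AAAA record for $name"; missing=1
        elif ! printf '%s\n' "$addrs" | grep -qxF "$want"; then
            echo "$ns: $name resolves to $(echo $addrs), expected $want"; mismatch=1
        else
            echo "$ns: $name resolves to $want"
        fi
    done
    [ "$missing" -eq 0 ] || exit 1
    [ "$mismatch" -eq 0 ] || exit 2
    exit 0
)

# Run only when called with arguments, e.g.
#   sh preflight.sh panel.example.com example.com 203.0.113.10
[ "$#" -lt 3 ] || check_http01_dns "$@"
```

Querying every authoritative nameserver directly avoids stale answers from a caching resolver, which matters right after a record is added or a zone is moved to another DNS provider.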
