Hi, it's been two weeks that I've been trying to generate a cert with nginx, with no success.
My domain is: allesys-back.shop
I ran this command: sudo certbot --nginx -d allesys-back.shop -d www.allesys-back.shop
It produced this output:
Requesting a certificate for allesys-back.shop and www.allesys-back.shop
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: allesys-back.shop
Type: dns
Detail: no valid A records found for allesys-back.shop; no valid AAAA records found for allesys-back.shop
Domain: www.allesys-back.shop
Type: dns
Detail: no valid A records found for www.allesys-back.shop; no valid AAAA records found for www.allesys-back.shop
Hint: The Certificate Authority failed to verify the temporary nginx configuration changes made by Certbot. Ensure the listed domains point to this nginx server and that it is accessible from the internet.
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is: Hostinger
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is: certbot 1.21.0
If I run nslookup www.allesys-back.shop I receive: Server: 192.168.0.1 Address: 192.168.0.1#53
That's correct.
I've added the domain to nginx and I'm able to reach my API using the allesys-back.shop domain.
In my Hostinger panel I've already added my IPv4 to A and my IPv6 to AAAA and I still can't generate the cert.
I read loads of topics here with different solutions, but none worked for me.
I'm very new to encrypting.
There are no A or AAAA DNS records. You are trying to use the HTTP-01 challenge (see Challenge Types - Let's Encrypt), which requires port 80 access on the domain pointing (directly or indirectly) to an IP address.
If that is not possible, the only challenge type available then is the DNS-01 challenge.
...and just in case the previous posts aren't clear enough: The problem is that the DNS record for allesys-back.shop points to a private IP address. The Internet at large can't connect to private IP addresses (after all, they're private), and Let's Encrypt needs to be able to connect to your server to validate your control over the domain name. You'll need to either point the domain to a public IP address or use a different method of validation.
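Added example, not part of any post in this thread: a pre-flight check that flags A/AAAA values a public CA cannot connect to for HTTP-01, which is the failure the reply above describes. The hostnames and record values are constructed; the two public addresses are well-known resolver IPs used as stand-ins for a server's public IP.

```python
import ipaddress
import socket

def classify(addr):
    """Return 'public' or the reason an address is unreachable from the internet."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on non-IP input
    if ip.is_global:
        return "public"
    for flag in ("is_loopback", "is_link_local", "is_private"):
        if getattr(ip, flag):
            return flag[3:].replace("_", "-")
    return "non-routable"  # e.g. carrier-grade NAT space 100.64.0.0/10

def http01_preflight(records):
    """records: hostname -> list of A/AAAA values. Returns hostname -> problems."""
    problems = {}
    for host, addrs in records.items():
        issues = [] if addrs else ["no A or AAAA records"]
        for addr in addrs:
            try:
                kind = classify(addr)
            except ValueError:
                issues.append(f"{addr}: not an IP address")
                continue
            if kind != "public":
                issues.append(f"{addr}: {kind} address, CA cannot connect")
        if issues:
            problems[host] = issues
    return problems

def resolve(host):
    """Live lookup via the system resolver; a LAN resolver may differ from public DNS."""
    try:
        infos = socket.getaddrinfo(host, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

# Constructed sample records (hypothetical hostnames and values)
SAMPLE = {
    "lan.example.test": ["192.168.0.50", "fd12:3456:789a::1"],
    "ok.example.test": ["8.8.8.8", "2606:4700:4700::1111"],
    "empty.example.test": [],
}

if __name__ == "__main__":
    for host, issues in http01_preflight(SAMPLE).items():
        print(host, "->", "; ".join(issues))
```

For a live check, pass `{name: resolve(name)}` to `http01_preflight`, ideally from a machine outside the LAN so the answer reflects public DNS.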
Many thanks for all the replies! You guys are awesome. I didn't ask because I was browsing all the questions before asking. I'll read all the attached links and try to change the IP to the public one, then I'll come back here to say whether I was able to solve the problem. Once again, thanks for all your help.
I disabled the ufw firewall just in case, but everything was allowed.
But when I check the domain in Network Utility on Mac, it doesn't show that my ports are open for the public IP (I read a post from a guy that had the same problem here).
If I set the domain to the private one on Hostinger, it shows that the ports are open.
I'm kinda lost on this.
I'm basically using a mini PC as a server wired to my TP-Link router. I'm using nginx running a Node.js API.
There is the UFW Firewall, but it's deactivated and even when activated everything is allowed.
My Nginx configs are: