Certbot Failure port 80/180 443/1443 Unraid

My domain is: richardcjay.com

I ran this command:

It produced this output:

My web server is (include version): Swag

The operating system my web server runs on is (Unraid 6.9.2):

My hosting provider, if applicable, is: NA

I can login to a root shell on my machine (yes or no, or I don't know): I don't know

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I don't know

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I don't know

I cannot seem to get a certificate. I have spent the whole day thinking that I had set up port forwarding incorrectly - but I do think that I have set it up correctly. If I set my Unraid's management page from port 80 to 180, the Unraid management page shows up when you go to my domain (richardcjay.com). That seems to me like I have both DuckDNS and port forwarding set up correctly?

To be honest I have barely even considered if port 443/1443 is working. I spent the day trying to see if I had port 80/180 set up correctly since that is the first error in the log file.

Does anyone have any advice?
Thank you for taking the time to read this.

Please read the error message provided by the Let's Encrypt validation server: "No valid IP address found for ...".

Your DNS is incorrect: there are NO A or AAAA records for richardcjay.com or richardcjay.co.uk. If you're using the http-01 challenge, which the standalone plugin does, you need to make sure there is a publicly accessible IP address (IPv4 and/or IPv6) set up in the DNS for those hostnames.

See also:

https://dnsviz.net/d/richardcjay.com/YUo2fA/dnssec/

https://dnsviz.net/d/richardcjay.co.uk/YUo2ZA/dnssec/

Thank you for your quick and considered response.

I thought that as I had added a DuckDNS domain to the CNAME records and added the Duck DNS docker service to Unraid that I had set this up correctly.

I just tried to add DuckDNS's IP address (3.98.149.180) as the A record for richardcjay.com & .co.uk. I don't know if that is what you were suggesting? I shall give it a couple of hours to let it settle and try again.

I'm not sure what role DuckDNS is playing here. If I check your domain(s), it seems your registrar is a company called LCN.com. I don't see any mention of DuckDNS anywhere. See for yourself:

https://godaddy.com/whois/results.aspx?domain=richardcjay.co.uk

https://www.digwebinterface.com/?hostnames=richardcjay.co.uk&type=&trace=on&ns=resolver&useresolver=8.8.4.4&nameservers=

I cannot get a static IP so I have DuckDNS installed on Unraid.

I believed that this dynamically updates www.richardcjay.duckdns.org with my IP. By using that domain as a CNAME I have been able to access basically any device that I forward port 80 to on my network from richardcjay.com & .co.uk. I don't understand why it seems to work for everything apart from Let's Encrypt/SWAG.

I can see a CNAME for www.richardcjay.com, but no A or CNAME for richardcjay.com.
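
The check the two replies above describe, as an added example (not part of the original thread, and not SWAG's or Certbot's code): every name requested in a certificate needs its own A/AAAA record, directly or through a CNAME, that resolves to a public address before an http-01 attempt can succeed. The `example.com` names and the zone data are constructed; the public address is the one quoted earlier in the thread.

```python
import ipaddress
import socket


def resolve(hostname):
    """Addresses the system resolver returns for hostname (CNAMEs are followed)."""
    try:
        infos = socket.getaddrinfo(hostname, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def preflight(hostnames, resolver=resolve):
    """Map each requested certificate name to (ok, reason) for an http-01 attempt."""
    report = {}
    for name in hostnames:
        addrs = resolver(name)
        # The validation server connects from the internet, so RFC 1918,
        # loopback and link-local answers are as useless as no answer at all.
        public = [a for a in addrs if ipaddress.ip_address(a).is_global]
        if not addrs:
            report[name] = (False, "no A/AAAA record (directly or via CNAME)")
        elif not public:
            report[name] = (False, "only non-public addresses: " + ", ".join(addrs))
        else:
            report[name] = (True, "resolves to " + ", ".join(public))
    return report


# Constructed zone data mirroring the thread: the www name has a record,
# the bare domain has none, and a third name points at a LAN address.
SAMPLE_ZONE = {
    "www.example.com": ["3.98.149.180"],
    "nas.example.com": ["192.168.1.20"],
}


def sample_resolver(hostname):
    return SAMPLE_ZONE.get(hostname, [])


if __name__ == "__main__":
    names = ["example.com", "www.example.com", "nas.example.com"]
    for name, (ok, reason) in preflight(names, sample_resolver).items():
        print(("OK  " if ok else "FAIL"), name, "-", reason)
```

Calling `preflight()` without the `resolver` argument queries the system resolver for real hostnames instead of the sample data.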

Thank you, that is something to move me forward.

I changed the domain name in the Let's Encrypt/SWAG docker to include "www" in front of each name and I am getting fewer errors in the log file.

This is... troubling:
[image]
What client is that?

I am not sure if I understand what you are asking. It is the log file from SWAG (linux server) docker image on Unraid.

Is it not possible to get Let's Encrypt working unless you have a static IP?

I swapped my name servers over to Cloudflare and I seem to be getting fewer errors:

At first it seems as if I have a certificate but the red error at the bottom seems to contradict that.

If I ping my site I do get to my IP address.

It looks like the implementation you're using is very, VERY bad.. Really terrible. Revoking and deleting certificates without a very good reason, even if the issuance process hasn't finished yet? (The thing @rg305 noticed at the top of your very first log.) Getting a certificate successfully, but not seeing it? (Your last log.)

Such a terrible implementation is unfortunately not something we can fix, but should be addressed at the software engineers (or lack thereof) of the implementation. Maybe "Swag", maybe Unraid, I dunno.

Also, it seems it's not handling the "URL" parameter as separate hostnames as it only added the www subdomain for your .com domain. See the issued cert here: crt.sh | 5266047933 (look at the "X509v3 Subject Alternative Name" part).

Thank you for your time and patience.

Yeah, sorry for not having a better answer.

Maybe you could use just a single hostname in the URL parameter and add the other one at the EXTRA_DOMAINS parameter? Perhaps then that implementation issues the correct certificate and perhaps then it recognises it as being available.

That is a thought! I just deleted one of the domains from the URL and it works. I think that having multiple domains in that field was confusing the certbot.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.