Certbot failed, can not get IP Address

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: weroc.co, www.weroc.co

I ran this command: ```
sudo certbot --nginx certonly


It produced this output: failed to obtain ip address

My web server is (include version): ngnix version 1.14.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04.5 LTS

My hosting provider, if applicable, is: My machine

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of `certbot --version` or `certbot-auto --version` if you're using Certbot): 0.31.0
1 Like

Welcome to the Let’s Encrypt Community :slightly_smiling_face:

In your DNS zone, it looks like weroc.co does not have an A (address) record nor is there a CNAME (canonical name) record from weroc.co to www.weroc.co (which does have an A record). I recommend that you add an A record for weroc.co that points to 199.48.95.138.

Also, your version of certbot is really outdated (0.31.0 vs 1.7.0)

Obviously I’m terrible at these records, just haven’t had to do one on my own. It looks like I have both A records, but not sure what to add to cname.

I tried changing the “www” to www.weroc.co but it reverts back to the “www”. If you could walk me through this in a bit more detail I’d appreciate it.

(Attachment image001.emz is missing)

(Attachment oledata.mso is missing)

1 Like

Obviously I’m terrible at these records, just haven’t had to do one on my own. It looks like I have both A records, but not sure what to add to cname.

I tried changing the “www” to www.weroc.co but it reverts back to the “www”. If you could walk me through this in a bit more detail I’d appreciate it.

A(Host)

Host Record Points To TTL

weroc.co 199.48.95.138 4 hours

www 199.48.95.138 4 hours

CNAME

Host Record Points To TTL

blank blank blank

1 Like

The top host record in fact is weroc.co.weroc.co:

weroc.co.weroc.co.	14400	IN	A	199.48.95.138

Most people don’t know it, but actual hostnames have a full stop at the end for the “root” label. But in almost 99.999999999 % of all mentioned hostnames, the full stop at the end is left out, because it is rather superfluous. However, when working with DNS zonefiles, such as you’re doing now in your DNS configuration panel, these little tiny details play an important part! That’s because your zonefile sees “Host Records” without the trailing dot as a record relative to your DNS zone origin, which is weroc.co..

If you want to enter an absolute host record, you’ll need to add the trailing dot to it. Some (most?) DNS zone editor panels also accept a @ character as a shortcut for the “origin” of the DNS zone, in casu weroc.co..

So my advice to you is to try one (or both if the first one doesn’t work) of the following:

  • change the "Host Record “weroc.co” to “weroc.co.” (notice the tiny change);
  • change the "Host Record “weroc.co” to “@”.
1 Like

You don't need to add any CNAME records. I was just pointing out that weroc.co was not mapped to an IP address.

That is to prevent you from making the mistake that @Osiris has explained. Unfortunately it does not prevent you from only putting weroc.co, which is where you fell. As @Osiris mentioned, it is good practice to simply enter @ when you only want to refer to the base domain name.

I will delete this post as soon as the site allows.

I did that for “weroc.co.”

Now I have a CNAME record “www” Points to “weroc.co” is that correct?

Don’t add any CNAME records. You only need the A record I originally mentioned. A CNAME record creates an alias from what’s on the left to what’s on the right. With the A record in place you don’t need the CNAME.

Well, for some reason not clear to me the weroc.co. still doesn't work, so now your CNAME www subdomain is pointing to a non-functional DNS record and is therefore also non-functional.

I'm also still seeing the weroc.co.weroc.co. hostname resolving perfectly.. Perhaps the Bluehost DNS configuration panel is quite non-standard.. :confused:

Can you post a screenshot of your current DNS configuration panel?

1 Like

This site won’t let me embed/past an image of the “A” record

Use the upload button on the lower right when you’re creating/editing a post. It looks like a box with an up arrow.

I just realized that you’re replying by email. That might make things challenging.

Domain: weroc.co

Type: None

Detail: No Valid IP addresses found for weroc.co

A-record.
Domain: weroc.co
Type: None
Detail: NoValed IP addresses found for weroc.co

1 Like

OK, using the dot-trick doesn’t seem to work. Could you perhaps add @ as Host Record which points to your IP address?

1 Like

Osiris means change “weroc.co.” to “@”.

one record is
www 199.48.95.138

Next is

@ 199.48.95.138

1 Like

That is exactly right.

I also upgraded certbot to 1.7.0

I’ll give it some time then retry

sudo certbot --nginx certonly
1 Like