Hello, I am a trying to register my riptide.monster Nextcloud server with Let's Encrypt. I populated my DNS A record, but it is not being accepted by Certbot. I spent a few hours trying to figure out what is causing it but can't seem to find the fault with it. Could someone help me with it please? Thanks, Viktor
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: riptide.monster
I ran this command: sudo certbot --apache
It produced this output: no valid A records found for riptide.monster; no valid AAAA records found for riptide.monster
My web server is (include version): apache2 (2.4.52-1ubuntu4.5)
The operating system my web server runs on is (include version): Ubuntu 22.04.02 LTS (GNU/Linux 5.15.0.73-generic x86_64)
Let's Encrypt can find your A record but it is for a private IP address. The --apache plug-in uses the HTTP Challenge which requires HTTP access to your server across the public internet. See Let's Debug results (link here)
Either change the IP to your public IP or use the DNS Challenge
Hi Mike, Thanks a lot for your help. I have modified the A record to the public IP address 49.196.221.179. I might have to wait a bit as when I tried to use Let's Encrypt I receive the below error message:
"Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: riptide.monster
Type: connection
Detail: 49.196.221.179: Fetching http://riptide.monster/.well-known/acme-challenge/H_0noPEOb0rxHxI7WnT9bKWR0IyAV1Dz-i3-j95whIk: Timeout during connect (likely firewall problem)
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet."
Thanks again for your and Bruce's help.
Presently your Ports 80 and 443 are not OPEN (likely a firewall).
$ nmap -Pn -p80,443 riptide.monster
Starting Nmap 7.93 ( https://nmap.org ) at 2023-06-05 13:15 PDT
Nmap scan report for riptide.monster (49.196.221.179)
Host is up.
rDNS record for 49.196.221.179: pa49-196-221-179.pa.vic.optusnet.com.au
PORT STATE SERVICE
80/tcp filtered http
443/tcp filtered https
Nmap done: 1 IP address (1 host up) scanned in 3.86 seconds