Certbot failed to authenticate some domain


i'm trying to create a cert for a subdomain. The subdomain is a redirect to an IP address.

I'm getting the Error:
"Invalid host in redirect target "xxx.xx.xxx.xxx". Only domain names are supported, not IP addresses"

What do i have to set in the .conf file, so that letsencrypt recognizes the subdomain?

The conf for the subdomain:

NameVirtualHost *:443

SSLStrictSNIVHostCheck off

#Define EnableSSL

<VirtualHost *:80>
        ServerName  subdomain.domain.de
		DocumentRoot /var/htdocs/subdomaindir

        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{HTTPS} off
                RewriteCond %{REQUEST_URI} !.*service.*
                RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE,R=301,L]

        <Directory /var/htdocs/subdomaindir/>
                Options All
                AllowOverride All
                Require all granted

	TransferLog /var/log/apache2/subdomain.log

<IfDefine EnableSSL>
<VirtualHost *:443>
        SSLEngine on
        SSLProxyEngine on
        SSLProxyVerify none

        SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.de/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.de/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.de/chain.pem

        ServerName subdomain.domain.de

        <Directory "/var/htdocs/subdomaindir/">
                Options All
                AllowOverride All
                Require all granted

        ServerAdmin info@domain.de
        DocumentRoot /var/htdocs/subdomaindir/

	TransferLog /var/log/apache2/subdomain.log

UnDefine EnableSSL

Although redirecting a name to an IP is possible, it is not [yet] allowed by LE.
You must only redirect names to other names and also only to port 80 or port 443 [no other ports are supported].


I know that i cannot use IPs. I have a subdomain. What do i need to change in the conf, so that letsencrypt recognizes the subdomain?

A subdomain is always a redirect.

The ports are 80 and 443.

The command i'm using:

sudo certbot certonly --webroot -w /var/htdocs/subdomaindir -d subdomain.domain.de

You first need to get to whatever redirected the request to an IP.
Once you find that, and understand it, you may then be able to configure it to fit your needs.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.