Certbot failed to authenticate some domain

jweLinux · February 20, 2024, 3:06pm

Hi,

i'm trying to create a cert for a subdomain. The subdomain is a redirect to an IP address.

I'm getting the Error:
"Invalid host in redirect target "xxx.xx.xxx.xxx". Only domain names are supported, not IP addresses"

What do i have to set in the .conf file, so that letsencrypt recognizes the subdomain?

The conf for the subdomain:

NameVirtualHost *:443

SSLStrictSNIVHostCheck off

#Define EnableSSL

<VirtualHost *:80>
        ServerName  subdomain.domain.de
		
		DocumentRoot /var/htdocs/subdomaindir

        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{HTTPS} off
                RewriteCond %{REQUEST_URI} !.*service.*
                RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [NE,R=301,L]
        </IfModule>

        <Directory /var/htdocs/subdomaindir/>
                Options All
                AllowOverride All
                Require all granted
        </Directory>

	TransferLog /var/log/apache2/subdomain.log
</VirtualHost>

<IfDefine EnableSSL>
<VirtualHost *:443>
        SSLEngine on
        SSLProxyEngine on
        SSLProxyVerify none

        SSLCertificateFile /etc/letsencrypt/live/subdomain.domain.de/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/subdomain.domain.de/privkey.pem
        SSLCertificateChainFile /etc/letsencrypt/live/subdomain.domain.de/chain.pem

        ServerName subdomain.domain.de

        <Directory "/var/htdocs/subdomaindir/">
                Options All
                AllowOverride All
                Require all granted
        </Directory>

        ServerAdmin info@domain.de
        DocumentRoot /var/htdocs/subdomaindir/

	TransferLog /var/log/apache2/subdomain.log
</VirtualHost>
</IfDefine>

UnDefine EnableSSL

rg305 · February 20, 2024, 5:00pm

Although redirecting a name to an IP is possible, it is not [yet] allowed by LE.
You must only redirect names to other names and also only to port 80 or port 443 [no other ports are supported].

jweLinux · February 20, 2024, 6:35pm

I know that i cannot use IPs. I have a subdomain. What do i need to change in the conf, so that letsencrypt recognizes the subdomain?

A subdomain is always a redirect.

The ports are 80 and 443.

The command i'm using:

sudo certbot certonly --webroot -w /var/htdocs/subdomaindir -d subdomain.domain.de

rg305 · February 20, 2024, 10:00pm

You first need to get to whatever redirected the request to an IP.
Once you find that, and understand it, you may then be able to configure it to fit your needs.

system · March 21, 2024, 10:00pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Invalid host in redirect target Help	8	1712	May 24, 2022
Cannot create ssl certificate with let's encrypt in subdomain Help	16	1175	August 3, 2023
Invalid response from Help	6	730	February 5, 2019
Certificate on subdomain on specific port on different IP Help	12	4125	September 2, 2020
GERTIFICATE - Invalid response from Help	3	163	June 23, 2024

Certbot failed to authenticate some domain

Related topics