Certbot fails to find A record for new subdomain

My domain is: seirdy.one, www.seirdy.one, staging.seirdy.one, libravatar.seirdy.one

I recently added a new subdomain: libravatar.seirdy.one. With dig, I have verified that it has the correct A and AA records; I am even able to make successful unencrypted HTTP requests to it from a client that doesn't support HSTS headers.

Next, I tried to expand my LE cert to include it with certbot. The TTL was set to half an hour, but my issues persist well after that duration.

I ran this command: sudo certbot certonly --domain seirdy.one --domain www.seirdy.one --domain staging.seirdy.one --domain libravatar.seridy.one --key-type ecdsa --dry-run

It produced this output:

Simulating renewal of an existing certificate for seirdy.one and 3 more domains
Performing the following challenges:
http-01 challenge for libravatar.seridy.one
http-01 challenge for seirdy.one
http-01 challenge for staging.seirdy.one
http-01 challenge for www.seirdy.one
Using default addresses 80 and [::]:80 ipv6only=on for authentication.
Waiting for verification...
Challenge failed for domain libravatar.seridy.one
http-01 challenge for libravatar.seridy.one
Cleaning up challenges
Some challenges have failed.

 - The following errors were reported by the server:

   Domain: libravatar.seridy.one
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up A for
   libravatar.seridy.one - check that a DNS record exists for this

My web server is: Nginx 1.19.10

The operating system my web server runs on is: Fedora 33 (Cloud Edition)

My hosting provider, if applicable, is: Digitalocean

I can login to a root shell on my machine: Yes

I'm using a control panel to manage my site: No

The version of my client is: certbot 1.14.0



I think you misspelled the domain part of the new subdomain... It's seirdy.one not seridy.one :joy:

Thank you


holy crap. Thanks. I spent so long trying to fix this, and it was one dumb typo in the CLI.



This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.