Certbot plugin for squarespace domains

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://www.reidbras.dev

I ran this command: sudo certbot-auto certonly --manual --email=reidbras.gmail.com --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.reidbras.dev

It produced this output:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
You may need to use an authenticator plugin that can do challenges over DNS.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

My web server is (include version): nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 22.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0

And if you happen to be OK with it... Merry Christmas!
[if not, just disregard my best wishes]

That's no longer how it's called.
You can remove the "-auto".

Do you need a wildcard cert?
[wildcard certs require DNS-01 authentication]

2 Likes

Maybe not with some ancient version of whatever certbot-auto installed the last time before it was discontinued.

Although OP stated the version is 2.6.0, hmm.. :thinking:

2 Likes

Hi @reid1,

Here is a list of DNS providers who easily integrate with Let's Encrypt DNS validation

Edit:
image

3 Likes

Looks like OP uses NSOne as the DNS provider, and Certbot has a plugin for that: Welcome to certbot-dns-nsone’s documentation! — certbot-dns-nsone 0 documentation

Although I also see many ns01.squarespacedns.com-like servers as nameserver for the domain listed..?

3 Likes

The SOA is dns1.p01.nsone.net., so I would go with @Osiris recommendation.

$ nslookup -q=soa reidbras.dev dns1.p01.nsone.net.
Server:         dns1.p01.nsone.net.
Address:        198.51.44.1#53

reidbras.dev
        origin = dns1.p01.nsone.net
        mail addr = hostmaster.nsone.net
        serial = 1703524283
        refresh = 43200
        retry = 7200
        expire = 1209600
        minimum = 3600
2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.