Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
www.jaspberrypi.de jaspberrypi.de
I ran this command:
sudo certbot --nginx
It produced this output:
Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: jaspberrypi.de
Type: dns
Detail: no valid A records found for jaspberrypi.de; no valid AAAA records found for jaspberrypi.de
My web server is (include version):
nginx/1.14.2
The operating system my web server runs on is (include version):
Raspbian GNU/Linux 10 (buster)
My hosting provider, if applicable, is:
Hosting my back-end and front-end on my raspberrypi 4 and administrating the DNS via GoDaddy.com. Additionally, I have a No-Ip account for having a static IP.
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.31.0
Hey guys,
As mentioned in the question I have a problem with generating a SSL certificate for my website with certbot. I am pretty new to this general topic and I am trying to find a way through this, so go easy on me. I have my domain jaspberrypi.de and www.jaspberrypi.de hosted with goDaddy.com and there i have a CNAME entry for my no-ip address jaspberrypi.ddns.net where I have a A record to my public IP. First of all, I was not sure whether I should get a certificate for my two domains jaspberrypi.de and wwww.jaspberrypi.de or for the jaspberrypi.ddns.net address. So, I tried both. However, it gives me an error when I try to generate the certificate for jaspberrypi.de and www.jaspberrypi.de as can be seen in the form above. Contrary, I was able to generate the certificate for the jaspberrypi.ddns.net address but instead of working I get an 404 Error now from my nginx when I try to enter my website. Below you can find the config file of my successful genereated SSL certificate.
upstream loadbalancer {
least_conn;
server localhost:3500;
server localhost:3501;
server localhost:3502;
server localhost:3503;
}
server {
index index.html index.htm index.nginx-debian.html;
server_name jaspberrypi.ddns.net;
# react app & front-end files
location / {
root /home/pi/Documents/projects/todo/todo/build;
try_files $uri /index.html;
}
location /api/ {
proxy_pass http://loadbalancer/;
proxy_buffering off;
proxy_cache off;
proxy_set_header Host $host;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/jaspberrypi.ddns.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/jaspberrypi.ddns.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = jaspberrypi.ddns.net) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name jaspberrypi.ddns.net;
listen 80;
return 404; # managed by Certbot
}
So, to summarize my questions: For which addresses I should generate the SSL certificate to work (In case the first option was the right one, what is the solution to the problem I am facing) and for my working SSL certificate for the other address why do I get a 404 error here and how to solve that? I have returned to my website without SSL certificate meanwhile, in case somebody wonders why there is no 404 Error on the website now.
