Certificate for domain forwarding to DynDNS

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: basiq.ca + two subdomains: paul.basiq.ca, bi.basiq.ca

I ran this command: ./letsencrypt-auto certonly --standalone -d basiq.ca -d www.basiq.ca -d paul.basiq.ca -d bi.basiq.ca

It produced this output (same for the other three):

Domain: basiq.ca
Type: unauthorized
Detail: Invalid response from
http://basiq.ca/.well-known/acme-challenge/QRcVR0p_SvsgMpaqQsjPaDb4U4v1t2wXLgMPI1X-KOE
[66.96.147.115]: "\r\n\r\n\r\n \r\n

404 Error - Page Not Found\r\n \r\n #ad_frame"

My web server is (include version): apache2.4 behind nginx as reverse proxy

The operating system my web server runs on is (include version): OEL 7.9

My hosting provider, if applicable, is: iPage

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.38.0

I have a domain name basiq.ca with iPage. Also two subdomains: paul.basiq.ca and bi.basiq.ca
All three are redirected to: basiq.dyndns.org
paul.basiq.dyndns.org
bi.basiq.dyndns.org

IPage configuration:

  • CNAME alias is empty (when I tried to create for the three of them their CNAME, I eas impossible to reach me server.
  • A Record: Host Poins To:
    paul 66.96.147.115
    basiq.ca 66.96.147.115
    bi 66.96.147.115

I have nothing on their site, all is hosted on my Apache server behind a nginx reverse proxy (and all is working well).
I don’t know what to do, what can be the next step to resolve this problem. Thank you.

2

Hi @misurex

checking your domain there are errors ( https://check-your-website.server-daten.de/?q=basiq.ca ):

/.well-known/acme-challenge/random-filename answers with the correct http status 404 - Not found.

But the content:

<!DOCTYPE HTML> <html> <head> <title>404 Error - Page Not Found</title> <style> #ad_frame{ height:800px; width:100%; } body{ margin:0; border: 0; padding: 0; } </style> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> <script type="text/javascript" language="JavaScript"> var url = 'http://www.iyfipgun.com/?dn=' + document.domain + '&pid=9POL6F2H4'; $(document).ready(function() { $('#ad_frame').attr('src', url); }); </script> </head> <body> <iframe id="ad_frame" src="http://www.iyfipgun.com/" frameborder="0" scrolling="no"> <!-- browser does not support iframe's --> </iframe> </body> </html>

Is that your server? Or answers the wrong server?

If you use --standalone: Do you stop the running Apache?

And there is a wildcard certificate.

3

Thank you for your answer (was very quick).

I entered on my iPage account, and there, in the root directory there are six folders:

basiq.ca

basiq.ca-redirect

bi.basiq.ca

bi.basiq.ca-redirect

paul.basiq.ca

paul.basiq.ca-redirect

The content of basiq.ca and basiq.ca-redirect, an index.html for each of them (is the same content):

image.png
image.png1118×774 81.3 KB

4

That's the content of basiq.dyndns.org, that's a different domain.

Your basiq.ca has a redirect to that domain. But the browser shows the new domain.

5

basiq.ca points to basiq.dyndns.org which points to my server at home. I don’t have a static IP that’s why I use dyndns. I thought that is normal that basiq.ca change its name once that dyndns takes charge. So you are saying that even if I pass through dyndns, the site must keep its original name /source ( I very much love the idea)? In this case, what can I do to put the thing strait ?

By the way, by default nginx listen to basiq.ca (and it’s working). Thank you for your patience.

6

This morning I found out where the odd content came from. It’s the page below, that by all means isn’t mine. It’s an http://www.iyfipgun.com/?dn=paul.basiq.ca&pid=9POL6F2H4, so something impersonating basiq.ca ??

What can I do ? Thank you.

image.png

7

What means points?

Domain name 1 -> domain name 2 is different from domain name -> ip address.

Your basiq.ca ( https://check-your-website.server-daten.de/?q=basiq.ca ):

Host T IP-Address is auth. ∑ Queries ∑ Timeout
basiq.ca A 66.96.147.115 Burlington/Massachusetts/United States (US) - The Endurance International Group, Inc. Hostname: 115.147.96.66.static.eigbox.net yes 1 0
AAAA yes
www.basiq.ca A 66.96.147.115 Burlington/Massachusetts/United States (US) - The Endurance International Group, Inc. Hostname: 115.147.96.66.static.eigbox.net yes 1 0
AAAA yes

There is an iframe included. there is your iyfipgun.

Your other domain - https://check-your-website.server-daten.de/?q=basiq.dyndns.org

Host T IP-Address is auth. ∑ Queries ∑ Timeout
basiq.dyndns.org A 69.156.70.190 Québec/Canada (CA) - Bell Canada Hostname: anclpq0104w-lp140-02-69-156-70-190.dsl.bell.ca yes 1 0
AAAA yes
www.basiq.dyndns.org C basiq.dyndns.org yes 1 0
A 69.156.70.190 Québec/Canada (CA) - Bell Canada Hostname: anclpq0104w-lp140-02-69-156-70-190.dsl.bell.ca yes

So your basiq.ca has the wrong ip, may be the content of your hoster.

If you want to skip your hoster setup, you need a CNAME basiq.ca -> basiq.dyndns.org, so basiq.ca has the same ip address as basiq.dyndns.org.

But it may be impossible to create a CNAME with the root domain name (not a subdomain).

8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.