Certificate for own domain added to dynu.com

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: gkhtpc.gq

I ran this command: certbot --nginx -d gkhtpc.gq

It produced this output:

Challenge failed for domain gkhtpc.gq
Challenge failed for domain www.gkhtpc.gq
http-01 challenge for gkhtpc.gq
http-01 challenge for www.gkhtpc.gq
Cleaning up challenges
Some challenges have failed.

  To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

My web server is (include version): nginx 1.18.0

The operating system my web server runs on is (include version): ubuntu 20.04.3 LTS

My hosting provider, if applicable, is: contabo

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): webmin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.0

Please include the actual error message in your certbot output.

1 Like

Hi @greg811 and welcome to the LE community forum :slight_smile:

Please check that IP is updated:
Your output of:
curl -4 ifconfig.co

should match:

Name:    gkhtpc.gq
Address: 31.6.179.253

Name:    www.gkhtpc.gq
Address: 31.6.179.253

If not, then you need to check on the program that is supposed to keep your IP in sync.
If so, then you need to check on your router to ensure it is forwarding the HTTP(S) requests to your internal (system) IP.
If both of those look right, then make sure your local device is not firewall blocking those ports either.
If ports are being allowed, then check that the nginx is actually running on port 80.
If all that seems right and you are still having a problem... call an exorcist - Happy Halloween! (LOL)

You must have a working HTTP site before you can secure it (via HTTP authentication).

curl -Iki http://gkhtpc.gq/
curl: (56) Recv failure: Connection reset by peer