Hello world !!!
I am running two servers behind a load balancer and I need to create certificates on both.
The problem is, when System1 has an A record, it can create the cert and creation on System2 fails.
Same problem when System2 has an A record.
If the DNS points to the load balancer, cert creation fails on both systems.
Is there a way to create a certificate if the DNS does not point to the creating system?
If one system fails, the surviving one should be able to create certs. Currently it works only for the system with the A entry. The other system gives:
- The following errors were reported by the server:
Domain: <domain.tld>
Type: unauthorized
Detail: Invalid response from
http://<domain.tld>/.well-known/acme-challenge/r4qrF0y_F9wzQrZqnISQkfc1U9miXRrCeBI_TqLDYAM:
"<!DOCTYPE html>
<!--[if lt IE 7]> <html lang="es" class="no-js lt-ie9 lt-ie8
lt-ie7"> <![endif]--> <!--[if IE 7]> <h"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
I ran this command: sudo certbot --dry-run certonly -d <domain.tld> --apache --apache-server-root /etc/httpd/ --apache-vhost-root /etc/httpd/conf.d --apache-le-vhost-ext "" --reinstall --no-redirect
It produced this output: see above
My web server is (include version): Apache/2.4.6 (Red Hat Enterprise Linux)
The operating system my web server runs on is (include version): Linux 3.10.0-514.el7.x86_64 #1 SMP Wed Oct 19 11:24:13 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux
I can login to a root shell on my machine (yes or no, or I don't know): yes