Trying to gen a cert for sesher.co. Sesher.co is registered with godaddy, but DNS is hosted dreamhost (I read that godaddy wouldn’t support let’s encrypt so I moved DNS to dreamhost. I really I would like to host dns on Amazon but I don’t think that’s support either please let me know though). App is rails and is hosted on heroku. When I run
rake letsencrypt_plugin RAILS_ENV=production
I get the error
Challenge verification failed! Error: urn:acme:error:unknownHost: No IPv4 addresses found for sesher.co
Your DNS provider doesn't need to support Let's Encrypt in any way. Some web hosts might decide to include support for Let's Encrypt for things like shared hosting plans, where they would might offer a one-click setup in their management UI, but that doesn't mean it's not possible or significantly harder with anyone else.
Verification happens on a HTTP (or HTTPS) level, so as long as you can serve your site to the public (or rather serve specific content on a certain path; which is what the gem does behind the scenes), you're good to go.
That’s simply the DNS server @mbrugger is using, which would then check the NS records for that domain and ask the responsible DNS server for the A record (which doesn’t exist, that’s the issue).
I am using heroku which doesn’t give you an IP to set as the A record. You can only use cnames. I moved the DNS to cloudflare which let’s you alias the A record, now I am getting this error:
Sorry, I should have been more specific. CNAME will work too. The issue was that there wasn’t any record for sesher.co. (Not that moving to CloudFlare is a bad idea anyway IMO, they have one of the fastest DNS networks )
As for the rest, @Osiris pointed you in the right direction. You’ll want to make sure that a request to http://sesher.co/.well-known/acme-challenge/{random token} works - without any authentication or something similar.
)