Changed ec2 instance

My domain is:

I ran this command: sudo certbot

It produced this output:
The following errors were reported by the server
type dns
detail Dns problem: NXDOMAIN looking up A for
- check that a DNS record exists for this domain

My web server is (include version): nginx 1.20.0

The operating system my web server runs on is (include version): Amazon linux 2 (4.14.241

My hosting provider, if applicable, is: Amazon Web Services

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.11.0

This problem occurred after I switched from a ubuntu based Linux system to the amazon one. I revoked the certificate on the ubuntu system and tried to acquire a new one for my original domain on the Amazon one.

Im quite new to SSL certificates so any help would be appreciated.

Jasper De Smet

Hi @DankyeKang, and welcome to the LE community forum :slight_smile:

Welcome aboard!

This is not an SSL/TLS problem (it's a DNS problem):

and it will prevent the process from continuing.

I see that an IP is now resolving for it (maybe that was a temporary DNS synchronization issue).


Please retry the certbot command in test mode (with --dry-run).

Hi @rg305

Thanks for the quick reply,

I tried the command sudo certbot --dry-run
I get the error message that dry-run currently only works with the certonly or renew subcommand
I tried them both. Both stated that the dry-run was successful.

When i try the sudo certbot command without the --dryrun option
i still get the same error message

Unfortunately, I'm still not quite sure where to go from here.
It seems I have the certificate and it's stored in /etc/letsencrypt/live/
But I wouldn't know how to actually use it since on my previous ubuntu instance everything just kind of worked after I executed the sudo certbot command

for some more context:
I followed the steps described in Tutorial: Configure SSL/TLS on Amazon Linux 2 - Amazon Elastic Compute Cloud in the Certificate automation: Let's Encrypt with Certbot on Amazon Linux 2 section and since I use Nginx instead of Apache i changed the package downloaded.

That's good.
You can verify the status of all your certbot managed certs with:
certbot certificates

Configuring ngingx to use a cert can be automated by using the nginx installer OR you can manually create a vhost config that will server the name on the cert securely using the new cert.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.