DNS problem: NXDOMAIN looking up A for trie1.bsqda.com

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bsqda.com

I ran this command: certbot certonly --standalone -d bsqda.com -d trie1.bsqda.com

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for trie1.bsqda.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. trie1.bsqda.com (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for trie1.bsqda.com - check that a DNS record exists for this domain


  • The following errors were reported by the server:

    Domain: trie1.bsqda.com
    Type: None
    Detail: DNS problem: NXDOMAIN looking up A for trie1.bsqda.com -
    check that a DNS record exists for this domain

My web server is (include version):
debian 10
The operating system my web server runs on is (include version):
debian 10
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.31.0

Doesn't look like you've set up a DNS record for that hostname, which is what the error message is telling you. You'll need to fix that.

This version is very old; you may want to see if there's a way of getting a more current version of certbot.

I think your DNS setting is faulty:
trie1.bsqda.com canonical name =
That should be an A record type - NOT a CNAME record type.

1 Like

i am updating the cerbot, but i thin i had the dns seted up, her is a pic

i would update cerbot and if it works i will let you know

You can't CNAME to an IP.
Use new "A" record type.

1 Like

you mean something like this?

1 Like

srry for bothering but which version would be nice to be updated? i am having troubles to update but im reading here and there

Hello @knnhood,

To the last one :wink:

The recommended way to install certbot is using snap. If you want to follow the snap way, take a look to these instructions (read them carefully because you must uninstall your current certbot).



hi! tnkx for replying, i updated the cerbot to certbot 1.20.0
now all its working perfectly, as a kind of conclusion i am using now the cname record to create the certs and everything goes well

i was really lost here, second time playing whit vps, but for now thank you all! you are awesome!


I think you might have changed that back to a non-working state.
Global DNS is no longer able to resolve "trie1.bsqda.com".
You should leave that entry as:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.