DNS problem: NXDOMAIN looking up A for trie1.bsqda.com

knnhood · October 31, 2021, 12:26am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bsqda.com

I ran this command: certbot certonly --standalone -d bsqda.com -d trie1.bsqda.com

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for trie1.bsqda.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. trie1.bsqda.com (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for trie1.bsqda.com - check that a DNS record exists for this domain

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: trie1.bsqda.com
Type: None
Detail: DNS problem: NXDOMAIN looking up A for trie1.bsqda.com -
check that a DNS record exists for this domain

My web server is (include version):
debian 10
The operating system my web server runs on is (include version):
debian 10
My hosting provider, if applicable, is:
njalla
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.31.0

danb35 · October 31, 2021, 1:39am

Doesn't look like you've set up a DNS record for that hostname, which is what the error message is telling you. You'll need to fix that.

This version is very old; you may want to see if there's a way of getting a more current version of certbot.

rg305 · October 31, 2021, 2:21am

I think your DNS setting is faulty:
trie1.bsqda.com canonical name = 185.193.125.184
That should be an A record type - NOT a CNAME record type.

knnhood · October 31, 2021, 2:22am

i am updating the cerbot, but i thin i had the dns seted up, her is a pic

i would update cerbot and if it works i will let you know

rg305 · October 31, 2021, 2:23am

You can't CNAME to an IP.
Use new "A" record type.

knnhood · October 31, 2021, 2:27am

you mean something like this?

knnhood · October 31, 2021, 2:55am

srry for bothering but which version would be nice to be updated? i am having troubles to update but im reading here and there

sahsanu · October 31, 2021, 3:09am

Hello @knnhood,

To the last one

The recommended way to install certbot is using snap. If you want to follow the snap way, take a look to these instructions (read them carefully because you must uninstall your current certbot).

Cheers,
sahsanu

knnhood · October 31, 2021, 4:06pm

hi! tnkx for replying, i updated the cerbot to certbot 1.20.0
now all its working perfectly, as a kind of conclusion i am using now the cname record to create the certs and everything goes well

i was really lost here, second time playing whit vps, but for now thank you all! you are awesome!

rg305 · October 31, 2021, 6:18pm

I think you might have changed that back to a non-working state.
Global DNS is no longer able to resolve "trie1.bsqda.com".
You should leave that entry as:

system · November 30, 2021, 6:18pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.