DNS problem: NXDOMAIN looking up A

I ran this command

sudo certbot-auto certonly --standalone
-d hr.dynamicflowsystems.com -d www.hr.dynamicflowsystems.com

-------and got this

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for hr.dynamicflowsystems.com
http-01 challenge for www.hr.dynamicflowsystems.com
Waiting for verification…
Challenge failed for domain hr.dynamicflowsystems.com
Challenge failed for domain www.hr.dynamicflowsystems.com
http-01 challenge for hr.dynamicflowsystems.com
http-01 challenge for www.hr.dynamicflowsystems.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: hr.dynamicflowsystems.com
  Type: unauthorized
  Detail: Invalid response from
  http://hr.dynamicflowsystems.com/.well-known/acme-challenge/BZO3zOnT997-FkMfH IfoWWkhfnGt1Jz6qjnFcWmVeq8
  [104.210.11.74]: "\n\n<html lang=“en”>\n\n\t<meta
  charset=“utf-8”>\n\t<meta name=“viewpo”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

• The following errors were reported by the server:

  Domain: www.hr.dynamicflowsystems.com
  Type: dns
  Detail: DNS problem: NXDOMAIN looking up A for
  www.hr.dynamicflowsystems.com

This subdomain doesn't exist. If you'd like to use it, you need to add it in your GoDaddy DNS interface first.

The second issue here is that you are using --standalone, which is intended for users who don't have a webserver.

You have Apache as an existing webserver, so you should use --apache instead of --standalone.

hr.dynamicflowsystems.com is exist
and for apache it had to started on web server ubuntu server

But the www. variant doesn't, which is the cause of the first error.

I'm not sure what you mean. --standalone is not suitable if you have a webserver running.

Yes i have web server running

After writing --apache

----------- I had run command

hbadaya@testubuntu:~$ sudo certbot-auto certonly --apache -d hr.dynamicflowsystems.com -d www.hr.dynamicflowsystems.com

-------i got
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for hr.dynamicflowsystems.com
http-01 challenge for www.hr.dynamicflowsystems.com
Enabled Apache rewrite module
Waiting for verification…
Challenge failed for domain hr.dynamicflowsystems.com
Challenge failed for domain www.hr.dynamicflowsystems.com
http-01 challenge for hr.dynamicflowsystems.com
http-01 challenge for www.hr.dynamicflowsystems.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: hr.dynamicflowsystems.com
  Type: unauthorized
  Detail: Invalid response from
  http://hr.dynamicflowsystems.com/.well-known/acme-challenge/u6gLkz4YKu1I8M5YxqRjcjJWkwDT3Aaz9ByKWeRu0JA
  [104.210.11.74]: "\n\n<html lang=“en”>\n\n\t<meta
  charset=“utf-8”>\n\t<meta name=“viewpo”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

• The following errors were reported by the server:

  Domain: www.hr.dynamicflowsystems.com
  Type: dns
  Detail: DNS problem: NXDOMAIN looking up A for
  www.hr.dynamicflowsystems.com

Code ran

~$ sudo certbot-auto certonly --apache -d hr.dynamicflowsystems.com

output
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for hr.dynamicflowsystems.com
Enabled Apache rewrite module
Waiting for verification…
Challenge failed for domain hr.dynamicflowsystems.com
http-01 challenge for hr.dynamicflowsystems.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: hr.dynamicflowsystems.com
  Type: unauthorized
  Detail: Invalid response from
  http://hr.dynamicflowsystems.com/.well-known/acme-challenge/69HIacZ4yqhFfq8TYEKWIFVxdbDXvK-MKaLPp1ozZeA
  [104.210.11.74]: "\n\n<html lang=“en”>\n\n\t<meta
  charset=“utf-8”>\n\t<meta name=“viewpo”

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

Hi @harshitbadaya

there is a check of your domain - 1,5 hours old - https://check-your-website.server-daten.de/?q=hr.dynamicflowsystems.com

Where is your Certbot running? On that ip address? 104.210.11.74?

If not, that can’t work.

Letsencrypt checks that ip to find the validation file.

If you use that ip, what says

apachectl -S

There is an ERP-system running. May be that blocks Certbot.

what can we do for fix this ?
any other solution?

After running this Command
$ apachectl -S

Got this –

AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 10.0.1.5. Set the ‘ServerName’ directive globally to suppress this message
VirtualHost configuration:
*:80 10.0.1.5 (/etc/apache2/sites-enabled/000-default.conf:1)
ServerRoot: “/etc/apache2”
Main DocumentRoot: “/var/www/html”
Main ErrorLog: “/var/log/apache2/error.log”
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex watchdog-callback: using_defaults
PidFile: “/var/run/apache2/apache2.pid”
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name=“www-data” id=33 not_used
Group: name=“www-data” id=33 not_used

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.