DNS problem: NXDOMAIN

My domain is: star.vidalia.com.ph

I ran this command:
sudo -H ./letsencrypt-auto certonly --standalone -d star.vidalia.com.ph -d www.star.vidalia.com.ph

It produced this output:
image

My web server is (include version):

Debian GNU/Linux 8.11 (jessie)

Logs (/var/log/letsencrypt/letsencrypt.log)

File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py”, line 154, in _poll_authorizations raise errors.AuthorizationError(‘Some challenges have failed.’) AuthorizationError: Some challenges have failed.

Hi @lessofme,

Your domain star.vidalia.com.ph has a DNS record, but www.star.vidalia.com.ph doesn’t. It looks like your DNS is hosted by Amazon AWS, so you should use your Amazon AWS control panel or other interface to add a DNS record for www.star.vidalia.com.ph in addition to your existing record for star.vidalia.com.ph.

I just use the command
sudo -H ./letsencrypt-auto certonly --standalone -d star.vidalia.com.ph -d star.vidalia.com.ph

It produced this output:

Is there a way to remove the existing or reinstall ?

Five identical certificates have been issued over the last few days. Where are they? Why do you need a sixth?

What does “sudo -H ./letsencrypt-auto certificates” show?

I really don’t know that it was over 5 identical certs. Can I just revoke them all then generate just one ?
image

As the documentation explains, revoking certificates does not affect the rate limits.

Adding www.star.vidalia.com.ph, as you’ve been doing, does avoid the duplicate certificate rate limit. If you add the missing DNS record, that will work.

Still, what happened to the other 5 certificates?

1 Like

those 5 cert registered in www.star.vidalia.com.ph which need to change to star.vidalia.com.ph without the www. Is it possible to make that work?

I don’t understand.

What do you mean by “registered”?

What do you want to change?

I’ve been testing this command since yesterday
sudo -H ./letsencrypt-auto certonly --standalone -d star.vidalia.com.ph -d www.star.vidalia.com.ph

The only goal I wanted for the star.vidalia.com.ph is to be able to show also using HTTPS
but still doesn’t worked. So what I thought those 5 command that I’ve been running, registered.

You said that when you ran the sudo -H ./letsencrypt-auto certificates command, it said No certs found; did you already delete something from this server, or did you use another server or application to generate the five previous certificates?

I did use another server

OK, your options in this case are:

  • Copy the certificates and private keys from that other server, if they still exist and you still have access to them
  • Create the www.star.vidalia.com.ph name in DNS and create a new certificate that covers both names (which will not be considered a duplicate because it will cover a different combination of names)
  • Wait one week for the rate limit on duplicate certificate creation to expire
3 Likes