Domain verification failed


#1

Hello,

I can not self-sign my domain with a ssl certificate. Below the informations.

Letsdebug.net says everything is ok:
https://letsdebug.net/dmfstudentrad.no/1397

My domain is: www.dmfstudentrad.no

I ran this command:
sudo certbot --apache

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org

Which names would you like to activate HTTPS for?

1: dmfstudentrad.no
2: www.dmfstudentrad.no

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dmfstudentrad.no
http-01 challenge for www.dmfstudentrad.no
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.dmfstudentrad.no (http-01): urn:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.dmfstudentrad.no

My web server is (include version):

The operating system my web server runs on is (include version): centos 7 newest

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes


#2

Hi @Jony,

Your subdomain www.dmfstudentrad.no doesn’t have neither A, AAAA nor CNAME records defined in your authoritative DNS servers and that is the reason for the error. Just add an A record pointing to your ip address.

Cheers,
sahsanu


#3

This no subdomain. Or get I something wrong?


#4

dmfstudentrad.no points somewhere but www.dmfstudentrad.no doesn’t. That’s why Let’s Encrypt has a problem creating a certificate.

How do you manage your DNS records for dmfstudentrad.no?

You probably will want to add a CNAME for www.dmfstudentrad.no pointing to dmfstudentrad.no.

If you don’t want visitors to use http://www.dmfstudentrad.no (and instead stick to http://dmfstudentrad.no) , you can just not include that domain on the certificate:

certbot --apache -d dmfstudentrad.no

#5

Ok, thanks for the information. I got it now. Good help!


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.