Hi!
I can’t figure out, how to renew my certificates for my subdomain (dyndns) which has a different ip than the a-record for my domain. For example:
Domain at my hoster: test.tld ip 1.2.3.4
Subdomain via dyndns: asdf.test.tld, ip 5.6.7.8
The subdomain has an Nextcloud installation, and a reachable port 80 (and 443) on asdf.test.tld or via ip 5.6.7.8.
When I try to renew my outdated certs (the initial cert had been issued when the test.tld ip pointed to my local dyndns machine) i receive the following failure:
Domain: asdf.test.tld
Type: unauthorized
Detail: Invalid response from
http://asdf.test.tld/.well-known/acme-challenge/J7mynGad-1qFxtmHk6
bX8BsJWGx_NTsvtRp7Z_QSgQ
[62.224.218.99]: “\n\n400 Bad
Request\n\n
Bad Request</h1”
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
On a different way:
DNS lookup failed with dig. The external IP (62.224.218.99) address of this server is not the same as the A-record (85.13.129.108). │
│ Please check your DNS settings! Maybe the domain isn’t propagated?
How can I tell certbot to ignore the a-record for the domain, and to use only the sub domain ip?