DynDNS for subdomain with diff IP than A-Record

Hi!

I can’t figure out, how to renew my certificates for my subdomain (dyndns) which has a different ip than the a-record for my domain. For example:

Domain at my hoster: test.tld ip 1.2.3.4
Subdomain via dyndns: asdf.test.tld, ip 5.6.7.8

The subdomain has an Nextcloud installation, and a reachable port 80 (and 443) on asdf.test.tld or via ip 5.6.7.8.

When I try to renew my outdated certs (the initial cert had been issued when the test.tld ip pointed to my local dyndns machine) i receive the following failure:

Domain: asdf.test.tld
   Type:   unauthorized
   Detail: Invalid response from
   http://asdf.test.tld/.well-known/acme-challenge/J7mynGad-1qFxtmHk6

bX8BsJWGx_NTsvtRp7Z_QSgQ
[62.224.218.99]: “\n\n400 Bad
Request\n\n

Bad Request</h1”

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

On a different way:

DNS lookup failed with dig. The external IP (62.224.218.99) address of this server is not the same as the A-record (85.13.129.108). │
│ Please check your DNS settings! Maybe the domain isn’t propagated?

How can I tell certbot to ignore the a-record for the domain, and to use only the sub domain ip?

Hi @ZappZero

your domain name is required to check your configuration.

1 Like