Error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOM AIN looking up A for

kadirphp · February 13, 2021, 10:07am

My domain is:novipol.com

I ran this command: sudo /opt/bitnami/letsencrypt/lego --tls --email="kadir.php@yan
dex.com" --domains="novipol.com" --domains="www.novipol.com" --path="/opt/bitnami/letsencr
ypt" run

It produced this output: 2021/02/13 10:01:28 [INFO] [novipol.com, www.novipol.com] acme: Obtaining bundled SAN cert
ificate
2021/02/13 10:01:28 [INFO] [novipol.com] AuthURL: https://acme-v02.api.letsencrypt.org/acm
e/authz-v3/10815407607
2021/02/13 10:01:28 [INFO] [www.novipol.com] AuthURL: https://acme-v02.api.letsencrypt.org
/acme/authz-v3/10828820508
2021/02/13 10:01:28 [INFO] [novipol.com] acme: authorization already valid; skipping chall
enge
2021/02/13 10:01:28 [INFO] [www.novipol.com] acme: use tls-alpn-01 solver
2021/02/13 10:01:28 [INFO] [www.novipol.com] acme: Trying to solve TLS-ALPN-01
2021/02/13 10:01:35 [INFO] Skipping deactivating of valid auth: https://acme-v02.api.letse
ncrypt.org/acme/authz-v3/10815407607
2021/02/13 10:01:35 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/au
thz-v3/10828820508
2021/02/13 10:01:35 [INFO] Unable to deactivate the authorization: https://acme-v02.api.le
tsencrypt.org/acme/authz-v3/10828820508
2021/02/13 10:01:35 Could not obtain certificates:
error: one or more domains had a problem:
[www.novipol.com] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOM
AIN looking up A for www.novipol.com - check that a DNS record exists for this domain

My web server is (include version):Debian 4.19.160-2 (2020-11-28) x86_64

The operating system my web server runs on is (include version):Linux

My hosting provider, if applicable, is:Amazon Lightsail ( Bitnami )

I can login to a root shell on my machine (yes or no, or I don't know):Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):No.

_az · February 13, 2021, 10:17am

There's no DNS record for your www subdomain.

You'll want to login to your AWS control panel and create a CNAME record from www.novipol.com. to novipol.com.

You can do this either in the Lightsail or Route53 interface, depending how you setup your domain.

kadirphp · February 13, 2021, 10:26am

https://intodns.com/novipol.com

I created a cname record, but this time the browser gives a warning.

Osiris · February 13, 2021, 10:42am

There already is a CNAME according to my digs? At least, there was at 2021-02-13 10:21:21 UTC when I checked the hostname/domain out.

_az · February 13, 2021, 10:43am

It was created after my post. I think OP managed to create the certificate after creating the CNAME.

I think @kadirphp now needs to continue onto "Step 3" of the Bitnami SSL instructions, to configure their webserver with the certificate they created: Generate and Install a Let's Encrypt SSL Certificate for a Bitnami Application

Osiris · February 13, 2021, 10:44am

Hm, pretty much close timing then, see my edit above As far as I know, there wasn't any reply yet when I looked at the hostname, but I didn't find anything strange, so didn't have anything to post at that time. Perhaps Discourse didn't update the thread around that time properly, I dunno.

_az · February 13, 2021, 10:46am

Perhaps! According to the timestamps, there was a 4 minute window between me posting and you checking. At least, the error from the ACME server supports that theory .

kadirphp · February 13, 2021, 1:24pm

@_az @Osiris Thank you for your comments. I solved the problem.

system · March 15, 2021, 1:25pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.