Error with DNS using Certbot

Simplecoded · September 27, 2020, 2:07pm

My domain is:
www.compra-mascarillas.com, www.tuwebsite.co, www.u-bunny.com

I ran this command:
certbot --apache

It produced this output:
Enabled Apache rewrite module
Waiting for verification...
Challenge failed for domain www.compra-mascarillas.com
Challenge failed for domain www.tuwebsite.co
Challenge failed for domain www.u-bunny.com
http-01 challenge for www.compra-mascarillas.com
http-01 challenge for www.tuwebsite.co
http-01 challenge for www.u-bunny.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

The following errors were reported by the server:

Domain: www.compra-mascarillas.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for
www.compra-mascarillas.com - check that a DNS record exists for
this domain

Domain: www.tuwebsite.co
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for www.tuwebsite.co -
check that a DNS record exists for this domain

Domain: www.u-bunny.com
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for www.u-bunny.com -
check that a DNS record exists for this domain

My web server is (include version):
Ubuntu 18 ( Bionic )

The operating system my web server runs on is (include version):
Windows10

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.8.0

my domains are hosted on Namecheap, I have the following records for each of the three domains:

A / @ / 45.82.167.208
AAAA / @ / 2001:ac8:20:6b::6eb4:2a07

Osiris · September 27, 2020, 2:09pm

Please read the error messages provided by the Let's Encrypt validation server. And compare those error messages with the DNS zone settings you've pasted above. The issue should be obvious.

Simplecoded · September 27, 2020, 2:11pm

I am no expert, I cant see why it is not working. Can you be more specific ?
Thanks for your answer

Osiris · September 27, 2020, 2:13pm

You don't have the www subdomain defined in your DNS zone.

JuergenAuer · September 27, 2020, 2:14pm

Hi @Simplecoded

checking your domain now, there is no A record with the www you have used in your command - https://check-your-website.server-daten.de/?q=compra-mascarillas.com

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
compra-mascarillas.com	A	45.82.167.208 Frankfurt am Main/Hesse/Germany (DE) - M247 Ltd Hostname: setzer.es	yes	1	0
	AAAA	2001:ac8:20:6b::6eb4:2a07 Frankfurt am Main/Hesse/Germany (DE) - M247 Ltd	yes
www.compra-mascarillas.com		Name Error	yes	1	0

The non-www has A/AAAA, the www has not. So creating a certificate with the www subdomain via http validation can't work.

But there is an older check:

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
compra-mascarillas.com	A		yes	1	0
	AAAA		yes
www.compra-mascarillas.com	A	45.82.167.208 Frankfurt am Main/Hesse/Germany (DE) - M247 Ltd Hostname: setzer.es	yes	1	0
	AAAA	2001:ac8:20:6b::6eb4:2a07 Frankfurt am Main/Hesse/Germany (DE) - M247 Ltd	yes

There the www version has all, the non-www version has nothing.

Combine both versions.

Simplecoded · September 27, 2020, 2:20pm

I just added the last two. That should do the trick ?
Thank you

JuergenAuer · September 27, 2020, 2:22pm

Yes, now the main domain and the www subdomain have the same A- and AAAA-records. Same with your other domains (didn't checked).

system · October 27, 2020, 2:22pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.