Extending a working .tld. cert to include www.tld

I have installed certbot-auto and successfully used it to gen and use a cert for my tld: eugenesymphonyguild.org
I need to extend this cert to include www.eugenesymphonyguild.org
My DNS A record provides for the tld eugenesymphonyguild.org. and the AWS elastic IP address. To handle the www.eugenesymphonyguild.org, I am using an aliased A record that points to the AWS elastic IP address.
command line (as root): ./certbot-auto certonly -d eugenesymphonyguild.org -d www.eugenesymphonyguild.org
the end result is an error: DNS problem: SERVFAIL looking up A for www.eugenesymphonyguild.org
I don’t understand, since I have an A record for www.eugenesymphonyguild.org
Server: Ubuntu 14.04
Webserver: Apache2
Running on Amazon Web Services / EC2

I suspect I’ve missed something really basic, but I don’t see it, after much searching w Google and reading the Certbot docs.

I have tried using the webroot option, but it does not make a difference, I still get the same error. I don’t see any other way to set up DNS, either.

So how do I do this?

Your DNS appears to be broken for the entire domain right now:

dig eugenesymphonyguild.org A

; <<>> DiG 9.8.3-P1 <<>> eugenesymphonyguild.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 28708
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;eugenesymphonyguild.org.	IN	A

;; Query time: 53 msec
;; WHEN: Fri Oct 21 12:58:16 2016
;; MSG SIZE  rcvd: 41

mxtoolbox reports the same.

Fixed, it helps to have the domain registration in sync with the dns name servers.

Too right; thanks.

If there is a way to delete the related message topic on the board, please do so. I missed the basic step of updating the GoDaddy DNS Registration record with the new name server info, a real blunder!

Chalk that up to a senior moment, please.

I really appreciate the work that you and others do to make LetsEncrypt the awesome site that it is.

Best Regards,

Don Hirst
Eugene, OR

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.