'Failed authorization procedure', 'No valid IP found for' [mydomain]

joan0fsnark · November 28, 2021, 9:22pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

joan0fsnark.com

I ran this command:

NextCloudPi Wizard, which executes letsencrypt but I can't see the code.

It produced this output:

[ letsencrypt ] (Sun Nov 28 12:54:43 PST 2021)
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud9.joan0fsnark.com
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. cloud9.joan0fsnark.com (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for cloud9.joan0fsnark.com
IMPORTANT NOTES:

The following errors were reported by the server:

Domain: cloud9.joan0fsnark.com
Type: None
Detail: No valid IP addresses found for cloud9.joan0fsnark.com

My web server is (include version):

NextCloudPi_RPi_10-08-21

The operating system my web server runs on is (include version):

NextCloudPi

My hosting provider, if applicable, is:

XFinity

I can login to a root shell on my machine (yes or no, or I don't know):

Yes (I think?)

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

0.31.0

I'm new to this and may not have set everything correctly; however I did follow tutorials and I can't figure out what's going wrong. Google Domains hosts my domain, which I registered with FreeDNS. I set up Dynamic DNS on Google Domains and FreeDNS with my public IPv4. My ports are forwarded (80 and 443, TCP), advanced security turned off on the router. Can anyone tell me why the connection isn't being made, please?

MikeMcQ · November 28, 2021, 9:43pm

You should review the DNS. There is no A record for that domain name to point to your IP. Check with something like

https://toolbox.googleapps.com/apps/dig/#A/

Osiris · November 28, 2021, 9:49pm

Well, there is an A record, just not a normal IP address:

cloud9.joan0fsnark.com.	60	IN	A	0.0.0.0

Either correct the IP address or use the dns-01 challenge. "How would I do that?", you might ask? Not the slightest clue, as I don't have any experience with NextCloudPi...

joan0fsnark · November 28, 2021, 9:55pm

I do think there's something to this. On Google Domains, I see 0.0.0.0 next to my info, but there's no way to edit it. There's also a discrepancy on the GD help docs, where an option is missing that would allow me to get a username/passcode to go along with it.

I will contact them. Thank you for your assistance!

joan0fsnark · November 28, 2021, 9:56pm

Thank you for the tool, I will look into it! I think the issue is with Google Domains.

JimPas · November 29, 2021, 12:26am

Your apex domain joan0snark.com still returns as Not Found, however, cloud9.joan0snark.com does load a login page. The LE cert you have for the cloud9 subdomain is only for that subdomain. It doesn't include the apex domain which tests are showing zilch DNS returns. One even said the apex domain wasn't registered - probably because of no records.

system · December 29, 2021, 12:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.