Failed authorization procedure - NXDOMAIN looking up A because of subdomains


I ran this command:

sudo certbot --nginx -d c -d -d -d -d -d

It produced this output:

Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
http-01 challenge for
http-01 challenge for
http-01 challenge for
http-01 challenge for
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. (http-01): urn:ietf:para ms:acme:error:dns :: DNS problem: NXDOMAIN looking up A for com, (http-01): urn:ietf:params:acme:error:dns :: DNS pro blem: NXDOMAIN looking up A for


  • The following errors were reported by the server:

    Type: None
    Detail: DNS problem: NXDOMAIN looking up A for

    Type: None
    Detail: DNS problem: NXDOMAIN looking up A for

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 18.04 LTS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No, raw server

Hi all and Let’s encrypt,

Thanks for this free and wonderful service, am a complete noob at this SSL installation and followed this tutorial to install an SSL certificate for my website: Configuring Let’s Encrypt SSL Cert for Nginx on Ubuntu 18.04

I believe I was meant to only install it for my main domain and not sub-domains, I am assuming that the sub-domains would automatically have been secured by HTTPS if I only installed it for the my main domain, is this correct?

Regardless, I added 2 of my sub-domains to be encrypted too and thus resulting in the errors above. I did not receive any successful message of the SSL certificates being installed.

As the message states, the certificates are stored on my dedicated server now.

Question: How do I delete the SSL certificates for the two sub-domains, do I need to or they can be just left there? For cleanliness, would prefer to remove/uninstall them.

Question: How do I continue to install the certificate for my main domain which am guessing will secure all the sub-domains I add also. Do I need to run the installation again or otherwise?

Please help and would appreciate any advice to help resolve this.

Thanking you very much in advance, your help is much appreciated.


Hi @TryMeGetBuried

this may be wrong. You need a certificate. But one certificate can have a lot of domain names (your -d option). So you need

  • one certificate per subdomain [or]
  • one certificate with the domain (www + non-www) + all subdomains

What’s your domain- and subdomaini names? It’s impossible to check the problem without your domain names.

Don’t delete them. You may delete them if they are expired. But you can and should left them.

Share your domain names. There are a lot of possible errors.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.