Failed to activate ssl certificats

My domain is:

I ran this command: sudo certbot --apache -d

It produced this output: Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for - check that a DNS record exists for this domain

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Ubuntu 16.04.7 LTS (GNU/Linux 4.4.0-210-generic x86_64)

The operating system my web server runs on is (include version): Ubuntu 16.04.7

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.6.0

Hi @sergeah, and welcome to the LE community forum :slight_smile:

Using the Apache plug-in requires HTTP-01 authentication.
That means HTTP [TCP port 80] much reach the ACME client at your site to validate the request.
That means that your site must be reachable from the Internet.
That requires your site to have an IP address [IPv4 or IPv6 or both].
The "www" name has no IP:

Non-authoritative answer:

*** can't find Non-existent domain

You urgently need to update your operating system. You are two LTS versions behind the oldest supported Ubuntu LTS release. Assistance with that task is out of scope for this forum, but upgrading from one Ubuntu LTS to the next is usually quite painless.

Ask Ubuntu tends to be good resource if you need assistance upgrading.


You mean desktop version. Yes, should not be too big hussle...... However, in server versions things tend to get more & more complicated the more complicated/complex server config is.

1 Like

You got certs yesterday so resolved the DNS issue.

Although, you have separate certs for your root name and the www subdomain. That's technically fine but not the way it is usually done. If you want help with that let us know but otherwise this looks resolved.


No, I mean Ubuntu servers. While I tend to run Debian Stable in production myself, I have performed plenty of in-place upgrades on Ubuntu LTS servers for clients, too. I have even had to run through multistage upgrades due to how far behind current the owners had let their maintenance lapse.

That is certainly accurate. While I pride myself in making it look it easy, such projects are not something I engage in without thorough planning and lots of backups. :smile:

I'm glad to hear that you were able to obtain the certificates you required. I also wish you only success with whatever approach you take with your server.


Just fyi wojtekLs was not original poster and was recently flagged on two of their other posts. They may not be around here very long :slight_smile:


Indeed. That detail registered as I cleared the notification on my mobile and I had already replied. Regardless, it pleases me that @sergeah obtained the desired certificates, and I wish only success on any action taken with the server.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.