Failed to create certificate for domain that I created certificate for before

Insortial · August 7, 2023, 11:21pm

I have already certified this domain previously but was having issues as I switched over to a different webserver. Initially using apache now using nginx. I revoked my old certificates and am attempting to recertify the domain. But I am running into these issues.

My domain is: renwell.dev

I ran this command: sudo certbot --nginx

It produced this output: Certbot failed to authenticate some domains (authenticator: nginx). The Certificate Authority reported these problems:
Domain: www.renwell.dev
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for www.renwell.dev - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for www .renwell.dev - check that a DNS record exists for this domain

My web server is (include version): nginx/1.18.0

The operating system my web server runs on is (include version): Debian 11

My hosting provider, if applicable, is: Linode

I can login to a root shell on my machine (yes or no, or I don't know): Yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

catharsis · August 8, 2023, 12:25am

You have no DNS records for www.renwell.dev. You need 1 or more A and/or AAAA records or a CNAME. You'll have to log in to your DNS provider (looks like Linode) to fix.

$ nslookup www.renwell.dev
Server:         1.0.0.1
Address:        1.0.0.1#53

** server can't find www.renwell.dev: NXDOMAIN

Bruce5051 · August 11, 2023, 2:15am

Observer
renwell.dev has only an IPv4 Address and NO IPv6 Address

$ nslookup renwell.dev ns1.linode.com.
Server:         ns1.linode.com.
Address:        162.159.27.72#53

Name:   renwell.dev
Address: 170.187.174.45

www.renwell.dev has both an IPv4 Address and an IPv6 Address

$ nslookup www.renwell.dev ns1.linode.com.
Server:         ns1.linode.com.
Address:        162.159.27.72#53

Name:   www.renwell.dev
Address: 170.187.174.45
Name:   www.renwell.dev
Address: 2600:3c01::f03c:93ff:fef0:ec95

Bruce5051 · August 11, 2023, 2:28am

renwell.dev looks good
https://www.ssllabs.com/ssltest/analyze.html?d=renwell.dev

and www.renwell.dev looks good as well
https://www.ssllabs.com/ssltest/analyze.html?d=www.renwell.dev

All using the same certificate https://search.censys.io/certificates/5de46ee9376d35eb860d9b480b694936ad9d5f7595e34527e55ff588bf888a27

So has your issue been resolved?

Insortial · August 11, 2023, 6:39am

Yes I resolved the issue by updating the DNS records for www.renwell.dev and the cert went through.

system · September 10, 2023, 6:39am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.