Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
I ran this command:
/opt/bitnami/letsencrypt/lego --tls --email="XXXX.athXXX@gmail.com" --domains="usdzradio.live" --domains="www.usdzradio.live" --path="/opt/bitnami/letsencrypt" run
It produced this output:
2022/03/15 21:38:35 [INFO] [usdzradio.live, www.usdzradio.live] acme: Obtaining bundled SAN certificate
2022/03/15 21:38:35 [INFO] [usdzradio.live] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/88006927300
2022/03/15 21:38:35 [INFO] [www.usdzradio.live] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/88006927310
2022/03/15 21:38:35 [INFO] [usdzradio.live] acme: use tls-alpn-01 solver
2022/03/15 21:38:35 [INFO] [www.usdzradio.live] acme: use tls-alpn-01 solver
2022/03/15 21:38:35 [INFO] [usdzradio.live] acme: Trying to solve TLS-ALPN-01
2022/03/15 21:38:48 [INFO] [www.usdzradio.live] acme: Trying to solve TLS-ALPN-01
2022/03/15 21:38:55 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/88006927300
2022/03/15 21:38:55 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/88006927310
2022/03/15 21:38:55 Could not obtain certificates:
error: one or more domains had a problem:
[usdzradio.live] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for usdzradio.live - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for usdzradio.live - the domain's nameservers may be malfunctioning
[www.usdzradio.live] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: SERVFAIL looking up A for www.usdzradio.live - the domain's nameservers may be malfunctioning; DNS problem: SERVFAIL looking up AAAA for www.usdzradio.live - the domain's nameservers may be malfunctioning
My web server is (include version):
i'm using WordPress with NGINX and SSL Certified by Bitnami and Automattic
nginx version: nginx/1.21.6
with Wordpress
The operating system my web server runs on is (include version):
lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No (wordpress
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Did you add the proper DS record at your registrar?
Google should've given it to you when you enabled DNSSEC on their side. (something is very broken considering that Google is both your registrar and your DNS provider. Try waiting a bit.)
You'll have to login to Google Domains and disable DNSSEC on your domain, because it's currently misconfigured. This prevents your domain from functioning at all.
nginx is pretty much useless as a forward proxy....
So, you shouldn't too much trouble finding information on "how to" use it for what it was meant for.
nginx supports "streams"
But if you want the client to connect via TLS[HTTPS] and the service isn't doing TLS, then nginx will have to proxy (not stream) the HTTPS requests to the HTTP service.
my icecast is listening on port 8000 and 8443
i can listen to the music if i go directly using the URL http://hooggar.com:8443/mount
however i can't listen to the music from https://hooggar.com
this is my 3rd VM this week i install to get it done lol i will stop
I don't know how much you know about icecast but many people have struggled with it. One key issue is that the cert file it needs must have both the fullchain and private key in the bundle file. I did not see this mentioned yet in this thread.
Here is another thread with an icecast person from earlier that talks about this and has links to docs.
i dont know if it's thenginx bitnami version or the icecast but defnitely not working.
the ports are listening but the output with https is not cominng
thanks for your support