Getting unknownHost, even though my site is reachable and DNS records are fine

My domain is:

I get this output:

starting version 3.2.4
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for
 - The following errors were reported by the server:
   Type:   unknownHost
   Detail: No valid IP addresses found for
   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

… which is funny because the domain resolves correctly to my server’s IP and I have checked a bunch of DNS servers. What am I doing wrong? :frowning:

Hi @efstajas,

I see your address as, which is not a publicly-reachable Internet address. Are you able to reach your site from outside of your own network? What ISP do you expect it to be hosted by?

Oh wow, that is super annoying. It looks like my ISP placed me behind a carrier-grade NAT and my router has a private WAN IP. Which makes it impossible for me to set up DDNS.

I will configure my domain to resolve to my public IP address and hope it doesn’t change – no idea how my ISP handles this (I just switched).

Thanks for pointing me into the right direction

@schoen Wait, why the hell am I even able to port-forward from behind a carrier grade NAT? Isn’t this super weird? Just to check, you can reach a home assistant installation at right now, can’t you?

I can see it from the Oregon coast.

Yes, I can see it now at

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.