Having trouble getting HTTPS with my redirect domains


#1

loganschmalz.org and loganschmalz.net redirecting to loganschmalz.com

certbot --nginx

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: loganschmalz.net
   Type:   unauthorized
   Detail: Invalid response from
   http://loganschmalz.net/.well-known/acme-challenge/PXJp0fHzZaX-U9-bsoPKvcfSlAzyFP1x_jibqvRfOus:
   "<my index.html code>"

   Domain: www.loganschmalz.org
   Type:   unauthorized
   Detail: Invalid response from
   http://www.loganschmalz.org/.well-known/acme-challenge/tb_pJjJ8v_qrwa2VS9nLtiTbxyCg0weFUQ2yIL70d14:
   "<my index.html code>"

   Domain: www.loganschmalz.net
   Type:   unauthorized
   Detail: Invalid response from
   http://www.loganschmalz.net/.well-known/acme-challenge/MWwpHsSqD3ceINV4-WDKE0whkjYR_WX-ig6QJPRJgKI:
   "<my index.html code>"

   Domain: loganschmalz.org
   Type:   unauthorized
   Detail: Invalid response from
   http://loganschmalz.org/.well-known/acme-challenge/VP3MSY3ooDKPQLYRs9Mj6rNRqKZYxbIkwHtFY_IHkuM:
   "<my index.html code>"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Nginx 1.15.8, CentOS 7, root access, certbot 0.29.1

I just bought my domains on Google Domains. My loganschmalz.com certificate is working alone, but I want my redirects to be secured as well. I can post my configuration if needed, but the only thing under my redirect domains is a return 301 to my main domain.

Edit: I’ve just realized the could be related to my try_files redirecting to the index, but I’m still not sure why it would work for my main domain but not redirects. Is it because it can’t see the websites with my 301 redirect?


#2

The redirects are running at Google IPs:
2001:4860:4802:32::15
2001:4860:4802:34::15
2001:4860:4802:36::15
2001:4860:4802:38::15
216.239.32.21
216.239.34.21
216.239.36.21
216.239.38.21

While
www.loganschmalz.com
is at IP:
198.206.13.164
[not a Google IP]

I’m pretty sure that you won’t be able to use
certbot --nginx
to install a certificate on a Google server.

To complicate things more…

www.loganschmalz.org
uses (other) Google IPs:
2607:f8b0:4008:80f::2013
172.217.3.147

www.loganschmalz.org
uses (other) Google IPs:
2607:f8b0:4008:806::2013
172.217.8.115


#3

Thanks, I suspected that could be it as well. I have my redirects set up through the domain management, but I will set it up on Nginx instead.