Trying to get a cert for my domain dskag.at, but somehow failing.
I’m trying this on my debian OwnCloud server and it’s not the main webserver!
The main webserver for the website is running windows, and i’m not sure if i can request a certificate from this Debian machine, i hope i can.
Any help would be very appreciated, thank you for your time and effort!
My domain is:
dskag.at
I ran this command:
sudo certbot-auto certonly --standalone -d dskag.at -d www.dskag.at
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dskag.at
http-01 challenge for www.dskag.at
Waiting for verification…
Challenge failed for domain dskag.at
Challenge failed for domain www.dskag.at
http-01 challenge for dskag.at
http-01 challenge for www.dskag.at
Cleaning up challenges
Some challenges have failed.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version):
Apache/2.4.25 (Debian)
The operating system my web server runs on is (include version):
Debain 9
My hosting provider, if applicable, is:
Self hosted
I can login to a root shell on my machine (yes or no, or I don’t know):
yup
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
I don’t think so?
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.28.0
Visible Content: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> 404 Dokument not found Errorpage Problem: 404 Error. The Page or File you wanted to load, does not exists on the DSKAG Austria Server. Solution: Please try to reload the page or control if you are typed in the correct URL. If the Page still not loads and you are sure there must be a page, then contact the Webmaster . If you are not sure or you tryed to download a File from a external link, load our Mainsite at www.dskag.at and search the page, if this File is still online. www.DSKAG.at
This instance answers, so if you want to use http-01 validation, a file in /.well-known/acme-challenge is created, Letsencrypt finds your domain and checks that file.
You can't run a standalone one a different machine.
/.well-known/acme-challenge shouldn't redirect to /404/Error.html
But you can switch to dns-01 validation, then you don't need a running webserver.
Certbot must run on the machine with the correct ip address (if you use http-01 validation). If you want a certificate with the name dskag.at with the ip address 213.47.64.105, Certbot must run on this machine.
That's only true for the apache, nginx, webroot or standalone authenticator. The manual plugin can be used, also for the http-01 challenge, to get a certificate on a different machine.
@mahksy Is there a specific reason why you choose to use --standalone? Are you using some kind of guide?
Perhaps you should try the following command if you are using certbot on the same machine as where your Apache runs:
I followed a guide that basically showed how to get a signed cert from letsencrypt.
Well i have two instanced of apache running, one on windows which covers dskag.at and one on debian which runs my owncloud, i manage the debian machine and have access to the win machine, any idea where i have to request a certificate? From windows or debian, also can i change the challenge path or…?