Hello,
I’m trying to get Let’s Encrypt’s certbot to work on my home web server and I’m running into some problems. I would be thankfor for any help. Here is the requested info:
My domain is:
1:halverscience.net <------ preferred
2: www.halverscience.net
3: makotomagic.net <------ preferred
4: www.makotomagic.net
5: halverscience.webredirect.org
6: www.halverscience.webredirect.org
7: makotomagic.webredirect.org
8: www.makotomagic.webredirect.org
I ran this command:
sudo certbot --apache
It produced this output:
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for halverscience.net
http-01 challenge for halverscience.webredirect.org
http-01 challenge for makotomagic.net
http-01 challenge for makotomagic.webredirect.org
http-01 challenge for www.halverscience.net
http-01 challenge for www.halverscience.webredirect.org
http-01 challenge for www.makotomagic.net
http-01 challenge for www.makotomagic.webredirect.org
Enabled Apache rewrite module
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.makotomagic.webredirect.org (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for www.makotomagic.webredirect.org, makotomagic.net (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for makotomagic.net, halverscience.net (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for halverscience.net, www.makotomagic.net (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for www.makotomagic.net, www.halverscience.net (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for www.halverscience.net, makotomagic.webredirect.org (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for makotomagic.webredirect.org, www.halverscience.webredirect.org (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for www.halverscience.webredirect.org, halverscience.webredirect.org (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for halverscience.webredirect.org
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: www.halverscience.net
Type: None
Detail: No valid IP addresses found for www.halverscience.net
Plus seven similar errors, one for each domain
My web server is (include version):
apachectl -v
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2020-03-13T12:26:16
The operating system my web server runs on is (include version):
Distributor ID: Ubuntu
Description:Ubuntu 18.04.4 LTS
Release:18.04
Codename:bionic
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
yes (I can use sodu)
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot --version
certbot 0.31.0
Further information: I use a Cisco E1200 router. I have port forwarding for ports 80 and 443 to my server machine going.
I am using a dynamic dns service: https://www.dynu.com/en-US/
My server asks dynu for domain name IP updates using
ddclient version 3.8.3
When I try the letsdebug.net service I get this message:
Test result for halverscience.net using http-01
ReservedAddress
Fatal
A private, inaccessible, IANA/IETF-reserved IP address was found for halverscience.net.
Let’s Encrypt will always fail HTTP validation for any domain that is pointing to an
address that is not routable on the internet. You should either remove this address and
replace it with a public one or use the DNS validation method instead.
192.168.1.128
I find it strange that the LetsDebug is getting 192.168.1.128 as my ip address. This is the server’s address on my home network, but I thought this address was not visible outside of my home network. I don’t know how to follow the error message’s advice, to “remove this address and
replace it with a public one”. Currently my public address is 47.41.16.111, but that will change every few days.
Thank you!
Peter H.