HTTPS showing not secure with NGINX (DigitalOcean Droplet)

Help
1

My domain is: https://academy.maltemafrica.com/

I ran this command: certbot renew --dry-run

It produced this output: Attempting to renew cert (academy.maltemafrica.com) from /etc/letsencrypt/renewal/academy.maltemafrica.com.conf produced an unexpected error: Requesting acme-staging-v02.api.letsencrypt.org/directory: Network is unreachable. Skipping.

I ran this command: curl -v https://acme-staging-v02.api.letsencrypt.org/directory

It produced this output:

  • Trying 23.75.3.165…
  • TCP_NODELAY set
  • Connected to acme-staging-v02.api.letsencrypt.org (23.75.3.165) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
  • CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
  • TLSv1.2 (OUT), TLS change cipher, Client hello (1):
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
  • TLSv1.2 (IN), TLS handshake, Finished (20):

The operating system my web server runs on is: Ubuntu

My hosting provider, if applicable, is: DigitalOcean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

PS: It was working two days ago with no problem for a month nearly… I don’t know what the problem is.

[UPDATE]
I found out that my original domain (https://maltemafrica.com) is also down, when I run the following command:
certbot --nginx -d www.maltemafrica.com
I get the following error:
Domain: www.maltemafrica.com
Type: unauthorized
Detail: Invalid response from
http://www.maltemafrica.com/LjQTZ/.well-known/acme-challenge/v3KwhWQFlyDz7xVRSr_5SJbpVQMt3kFi4nC1zWETYKg
[184.168.221.81]: "<body style=“padding:0; margin:0;”><meta
name=“viewport” content=“width”

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

2

Hi @haitham

there is a check of your domain, 2 hours old - https://check-your-website.server-daten.de/?q=academy.maltemafrica.com

Host T IP-Address is auth. ∑ Queries ∑ Timeout
academy.maltemafrica.com Name Error yes 1 0
www.academy.maltemafrica.com Name Error yes 1 0

There is no ip address defined. So you can't use http-01 validation.

And your main domain shows a GoDaddy parking page.

3

Hello @JuergenAuer, thanks for your reply.

I can’t get it since on DigitalOcean my domain redirects directly to my ip:

image
image.png1064×59 4.36 KB

Thanks!

4

That's not a public visible entry. And your name server is ns15.domaincontrol.com, that's Godaddy.

There you have to create an A-entry.

Your ip address is from DigitalOcean.

Host T IP-Address is auth. ∑ Queries ∑ Timeout
138.68.54.36 A 138.68.54.36
Santa Clara/California/United States (US) - DigitalOcean, LLC No Hostname found yes

But that doesn't help if you use another name server without the correct A record.

5

I'm sorry but I'm really new to all of this and I'm totally lost, if you can please help me with specific steps I would be grateful

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.