Hi @carnby77 and welcome to the LE community forum
We will need some more information to better assist you.
Please fill out this form:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
As well as showing the output of the following: openssl version ls -l /etc/ssl/certs/ca-cert*
Ok. Well, you have a wide variety of issues related to the basics of setting up connectivity. I am not familiar enough with rasp pi to assist but maybe someone else will help. But, you may find better help at a forum for beginning rasp pi setups in general. This site mostly focuses on getting the certs once a server is running.
I will point out that:
Your DNS for aitd.ddns.net points to 192.168.1.119 which is not a publicly addressable IP. That domain was what you were using in the command to request a cert but that IP cannot be reached from the public internet (only your internal network). The DNS needs correction.
Your DNS for aitd.duckdns.org points to 14.192.216.174. But, I cannot reach this IP with something like curl -I aitd.duckdns.org. You should look at how your router and ports are configured for your server. You should check that this is the correct IP. You must have a working http site before being able to get a cert using the http challenge. You can use a site like Lets Debug to help with this.
@rg305 Honestly I wouldn't bother helping @carnby77. They don't listen to reason. They don't actually want to do any of the work themselves. They spent a week in my discord blowing it up and being rude to people who told them things they didn't want to hear. For instance, when they were told they did something incorrectly, they got nasty and rude. When I called them on their nonsense, they were verbally abusive until I banned them. I'm willing to bet that their issue here is a port forwarding issue, but they won't accept that since Plext worked without port forwarding, but not understanding that not all apps are like that.
In fact, you can see this behavior has been going on since at least 2007 where they just expect people to do things for them rather than making any effort for themselves.