Issue when dns hosting on cloudfare

Help
#1

My domain is:

I ran this command:

It produced this output:
Domain: educatemn.org
Type: unauthorized
Detail: Invalid response from
http://educatemn.org/.well-known/acme-challenge/3CwR-ITagmVEhUfQlQGLeTcQ3N8IkN3wSl97ZqXlNLw
[3.14.21.94]: 404

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

FATAL: all hosts have already failed – aborting

My web server is (include version): nginx

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is: cloudfare

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

I updated the A record to β€˜3.14.21.94’ still https://check-your-website.server-daten.de/?q=ercmn.org shows β€˜104.27.158.61’ and hence it seems certbot is failing. Can you please help?

Thank You.

#2

Hi @Pankti

where did you update that record? Now I see the 104.* address. But Letsencrypt has seen the 3.14.*

There is no older Letsencrypt certificate listed, the CT-part shows only the

Issuer not before not after Domain names LE-Duplicate next LE
CloudFlare Inc ECC CA-2 2019-05-22 2020-05-23 *.ercmn.org, ercmn.org, sni.cloudflaressl.com
3 entries

Cloudflare Certificate.

Looks like you use the integrated Cloudflare solution to have a SSL connection between your server and Cloudflare. Then you don’t need an own Letsencrypt certificate.

Checking your raw ip there is another certificate - https://check-your-website.server-daten.de/?q=3.14.21.94

CN=careerleaf.com
	28.08.2019
	26.11.2019
expires in 18 days	*.careerleaf.com, careerleaf.com - 2 entries
1 Like
#3

PS: Oh, there are some different informations.

There you use

ercmn.org, not the educatemn.org.

There is a check of the educatemn.org - https://check-your-website.server-daten.de/?q=educatemn.org

That domain has the 3.14.* ip address. But there is the error:

Domainname Http-Status redirect Sec. G
β€’ http://educatemn.org/ 3.14.21.94 GZip used - 56 / 36 - -55,56 % 404 Html is minified: 100,00 % 0.267 M
NOT FOUND
β€’ https://educatemn.org/ 3.14.21.94 GZip used - 56 / 36 - -55,56 % Inline-JavaScript (βˆ‘/total): 0/0 Inline-CSS (βˆ‘/total): 0/0 404 Html is minified: 100,00 % 4.094 N
NOT FOUND
Certificate error: RemoteCertificateNameMismatch
β€’ http://educatemn.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 3.14.21.94 GZip used - 56 / 36 - -55,56 % Inline-JavaScript (βˆ‘/total): 0/0 Inline-CSS (βˆ‘/total): 0/0 404 Html is minified: 100,00 % 0.266 A
NOT FOUND
Visible Content: domain is not defined: educatemn.org

Domain is not defined.

Looks like your vHost setup is incomplete.

1 Like
#4

What command did you run? What was the complete output? What ACME client are you using? What version of it?

1 Like
#5

Hi there,

There was an error with dns records. www routing was also added as an β€˜A’ record and hence error. Removing it solved the issue.

Thank you guys for your apt response. Really appreciate it.

Thanks.

1 Like
#6

That’s possible.

But if you have a main domain, it’s better to have a DNS entry and a correct configured vHost with one certificate and both domain names. And correct redirects.

Some users add always www to the domain name.

#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.