I am having issue creating SSL cert for my website. As far as I can tell, all DNS configs look ok. But secondary check is failing.
My domain is:
gayatrimedicalhospital.com
I ran this command:
sudo certbot --nginx
It produced this output:
http-01 challenge for gayatrimedicalhospital.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. gayatrimedicalhospital.com (http-01): urn:ietf:params:acme:error:dns :: During secondary validation: DNS problem: query timed out looking up A f
or gayatrimedicalhospital.com
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: gayatrimedicalhospital.com
Type: None
Detail: During secondary validation: DNS problem: query timed out
looking up A for gayatrimedicalhospital.com
My web server is (include version):
nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 18.04.4 LTS
My hosting provider, if applicable, is:
https://domains.google/
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 0.31.0
After few hours searching on Google, below is additional information that might help.
Access logs were able to log certbot’s tries for accessing website to verify.
52.28.236.88 - - [30/Apr/2020:17:24:24 +0000] "GET /.well-known/acme-challenge/ZcJxi_0p7Asl77gJXPyUjvppO4qIoZHhRDQxlUm5Tdg HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's
Encrypt validation server; +https://www.letsencrypt.org)"
66.133.109.36 - - [30/Apr/2020:17:24:24 +0000] "GET /.well-known/acme-challenge/ZcJxi_0p7Asl77gJXPyUjvppO4qIoZHhRDQxlUm5Tdg HTTP/1.1" 200 87 "-" "Mozilla/5.0 (compatible; Let's
Encrypt validation server; +https://www.letsencrypt.org)"
nginx.conf file looks like below.
server {
listen 80;
server_name gayatrimedicalhospital.com;
access_log /var/log/nginx/gmh.log;
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ~ /\.well-known/acme-challenge {
root /usr/share/nginx/html;
}
}