Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:mail.sojrs.me
I ran this command:
certbot certonly --standalone -d mail.sojrs.me
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Currently, the renew verb is capable of either renewing all installed certi
ficates that are due to be renewed or renewing a single certificate specifi
ed by its name. If you would like to renew specific certificates by their d
omains, use the certonly command instead. The renew verb may provide other
options for selecting certificates to renew in the future.
[root@vultr letsencrypt]# certbot certonly --standalone -d mail.sojrs.me
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.sojrs.me
Waiting for verificationâŚ
Challenge failed for domain mail.sojrs.me
http-01 challenge for mail.sojrs.me
Cleaning up challenges
Some challenges have failed.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
[root@vultr letsencrypt]#
My web server is (include version):
The operating system my web server runs on is (include version):centos7
My hosting provider, if applicable, is: vps ,vultr
I can login to a root shell on my machine (yes or no, or I donât know):yes
Iâm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if youâre using Certbot):
certbot 0.36.0
other info:
my vps is 1.1.1.1
and i set hosts 1.1.1.1 mail.sojrs.me
so i think it should not be the wrong about dns
But you don't have a valid certificate, so Cloudflare can't connect your domain.
Instead, there is the standard Cloudflare error http status 521:
Origin Unreachable
Error 523 Ray ID: 510689397eb1d105 ⢠2019-09-03 09:00:54 UTC Origin is unreachable You Browser Working Berlin Cloudflare Working mail.sojrs.me Host Error What happened? The origin web server is not reachable. What can I do? If you're a visitor of this website: Please try again in a few minutes. If you're the owner of this website: Check your DNS Settings. A 523 error means that Cloudflare could not reach your host web server. The most common cause is that your DNS settings are incorrect. Please contact your hosting provider to confirm your origin IP and then make sure the correct IP is listed for your A record in your Cloudflare DNS Settings page. Additional troubleshooting information here. Cloudflare Ray ID: 510689397eb1d105 ⢠Your IP : 85.215.2.229 ⢠Performance & security by Cloudflare
If you want to use Cloudflare, you need a working certificate.
So
remove that Cloudflare configuration, so your server is directly visible
create a certificate
activate Cloudflare again
But currently Cloudflare blocks Letsencrypt checking your domain.
I think you're misreading your own output--Cloudflare is returning "no hostname found" for this hostname. It appears there are no DNS records for that name at all.
