Need help first time configuring Let's Encrypt

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

SUBDOMAINS entered, processing
Only subdomains, no URL in cert
Sub-domains processed are: -d kiwix.lucadent.ro -d nextcloud.lucadent.ro -d pass.lucadent.ro -d server.lucadent.ro
E-mail address entered: office@lucadent.ro
http validation is selected
Generating new certificate
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for kiwix.lucadent.ro
http-01 challenge for nextcloud.lucadent.ro
http-01 challenge for pass.lucadent.ro
http-01 challenge for server.lucadent.ro
Waiting for verification…
Challenge failed for domain kiwix.lucadent.ro
Challenge failed for domain nextcloud.lucadent.ro
Challenge failed for domain pass.lucadent.ro
Challenge failed for domain server.lucadent.ro
http-01 challenge for kiwix.lucadent.ro
http-01 challenge for nextcloud.lucadent.ro
http-01 challenge for pass.lucadent.ro
http-01 challenge for server.lucadent.ro
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:

  • The following errors were reported by the server:

Domain: kiwix.lucadent.ro
Type: unauthorized
Detail: Invalid response from
http://kiwix.lucadent.ro/.well-known/acme-challenge/zfPC3NsoLFJlEk5ggOBdsz2t4p6wsNKIPmTKFAEWE6c
[90.95.143.143]: “\r\n404 Not
Found\r\n\r\n

404 Not
Found

\r\n
nginx\r\n”

Domain: nextcloud.lucadent.ro
Type: unauthorized
Detail: Invalid response from
http://nextcloud.lucadent.ro/.well-known/acme-challenge/ZsVbDsHXxldghoEhxhU627vN3dOUSK9DjMua0WraVXo
[90.95.143.143]: “\r\n404 Not
Found\r\n\r\n

404 Not
Found

\r\n
nginx\r\n”

Domain: pass.lucadent.ro
Type: unauthorized
Detail: Invalid response from
http://pass.lucadent.ro/.well-known/acme-challenge/UO4MKGHb94JLRV-McNRpoybavyq5NofIGlFt_TaQeOA
[90.95.143.143]: “\r\n404 Not
Found\r\n\r\n

404 Not
Found

\r\n
nginx\r\n”

Domain: server.lucadent.ro
Type: unauthorized
Detail: Invalid response from
http://server.lucadent.ro/.well-known/acme-challenge/bk-24FEeF1iED-S0xGspeTtbDR7fzPi-p7nIn9B5l2E
[90.95.143.143]: “\r\n404 Not
Found\r\n\r\n

404 Not
Found

\r\n
nginx\r\n”

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container

The combination of this:

and this:

makes me suspect that the machine on which you’re running certbot is not the machine that those domain names resolve to. Is it? Because if not, there’s your problem.

Yes. you are right… those subdomains are on a different server where i have my domain and my host server…i have those subdomains made…cname …redirecting to duckdns…
how can i fix it?

Can you run the Let’s Encrypt client application on the same machine where the certificates will ultimately be used?

yes… the certificates and let’s encrypt are to an unraid srever

Sorry, I didn’t quite understand your answer to my question.

Could you also run a Let’s Encrypt client application on the same server where the subdomains are pointed, instead of only running it on the server that they’re not pointed to?

Hello Schoen. Thank you for helping me… I have a personal server at home where i run let’s encrypt, nextcloud, bitwarden…and i have a domain at a local provider, there i keep my office website. On my domain i have made 3 subsdomains, enter them on my home server let’s encrypt (that is an Unraid System - debian /ubuntu base), i run it on a docker container. when i try to validate everything,i get that error. all i want do is to access my bitwarden and nextcloud outside my local network… for that i try use let’s encrypt and duckdns

Is it possible that the Docker container doesn’t have the relevant permissions to create publicly visible files for the domain control challenges?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.