No valid A records found for

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
prepnerds.co

I ran this command:
certbot certonly --webroot

It produced this output:

• The following errors were reported by the server:

  Domain: prepnerds.co
  Type: None
  Detail: no valid A records found for prepnerds.co; no valid AAAA
  records found for prepnerds.co

  Domain: www.prepnerds.co
  Type: None
  Detail: no valid A records found for www.prepnerds.co; no valid
  AAAA records found for www.prepnerds.co

My web server is (include version):

The operating system my web server runs on is (include version):
Running the web server on my MacOS 13.6.3 (22G436)
192.168.5.249/

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 2.9.0

DNS setup in GoDaddy
A @ 192.168.5.249
CNAME www prepnerds.co

In order to obtain a cert from an trusted CA, you must prove control of that name.
HTTP-01 authentication requires access to your site over the Internet.
The Internet can't reach such an IP.

How can anyone reach your site?

@eric0293 OK now it looks like you have an IP Address that is accessible from the Internet.

image1256×419 14.3 KB

However Port 80 is CLOSED; Best Practice - Keep Port 80 Open
The HTTP-01 challenge , of the Challenge Types - Let's Encrypt , REQUIRES access to Port 80.
"The HTTP-01 challenge can only be done on port 80."

$ nmap -Pn -p80,443 prepnerds.co
Starting Nmap 7.80 ( https://nmap.org ) at 2024-03-17 21:54 UTC
Nmap scan report for prepnerds.co (34.229.20.203)
Host is up (0.082s latency).
rDNS record for 34.229.20.203: ec2-34-229-20-203.compute-1.amazonaws.com

PORT    STATE  SERVICE
80/tcp  closed http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds

Also using the online tool Let's Debug yields these results https://letsdebug.net/prepnerds.co/1839652 saying basically the same thing.

ANotWorking
ERROR
prepnerds.co has an A (IPv4) record (34.229.20.203) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "http://prepnerds.co/.well-known/acme-challenge/letsdebug-test": dial tcp 34.229.20.203:80: connect: connection refused

Trace:
@0ms: Making a request to http://prepnerds.co/.well-known/acme-challenge/letsdebug-test (using initial IP 34.229.20.203)
@0ms: Dialing 34.229.20.203
@102ms: Experienced error: dial tcp 34.229.20.203:80: connect: connection refused

IssueFromLetsEncrypt
ERROR
A test authorization for prepnerds.co to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
34.229.20.203: Fetching http://prepnerds.co/.well-known/acme-challenge/kuQ2DYZONEKjiwj-jtYGmVVhmjX_FnI_ESsohQi7eR8: Connection refused

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.