Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output:
ubuntu@owncast:~$ sudo certbot --nginx -d live.mergelab.co -d www.live.mergelab.co
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for live.mergelab.co
http-01 challenge for www.live.mergelab.co
Waiting for verification...
Challenge failed for domain live.mergelab.co
Challenge failed for domain www.live.mergelab.co
http-01 challenge for live.mergelab.co
http-01 challenge for www.live.mergelab.co
Cleaning up challenges
Some challenges have failed.
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
ubuntu@owncast:~$
My web server is (include version):
The operating system my web server runs on is (include version):
Ubuntu 20.04
My hosting provider, if applicable, is: GoDaddy
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Your domain name live.mergelab.co does not have an A or AAAA record in your DNS with the IP address to your server. You need to add one.
Your www domain has an A record pointing to 152.67.111.215. But, is that your server? Because it relates to Oracle Cloud but you say your hosting service is GoDaddy.
Your first step is to make sure your DNS records point to the public IP for the server you run certbot on.
You can check you public IP by running this on your server:
curl -4 ifconfig.co
curl -6 ifconfig.co
These return your IPv4 and IPv6 addresses. IPv6 may not be available and that is ok. In that case do not create an AAAA record in your DNS
I am running the server on Oracle cloud.
my Public ip is 152.67.111.215
I also have a A record in my DNS settings. DNS settings are on Godaddy as i have purchased the domain from them
A www.live 152.67.111.215 600 seconds
CNAME www mergelab.co.
i am still getting the same error when i run the command:
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
No, your DNS is still wrong. You need to setup an A record for your @ name like you did for your NS records.
Or, change your two CNAMEs to both be A records as I previously noted.
You have an unusual use of names in that you are not using your apex name (yet). Doing one of the above two should allow use of both of your subdomains (live and www.live)
Then these names will fail to resolve to any IP:
Thus you won't be able to obtain a cert for them using HTTP authentication.
Nor will anyone on the Internet know where to reach them.
