Please fill out the fields below so we can help you better.
My domain is: test-ehrvm.primate.wisc.edu
I ran this command: certbot certonly -w /space/application/local/well-known/ -d test-ehrvm.primate.wisc.edu
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
How would you like to authenticate with the ACME CA?
-------------------------------------------------------------------------------
1: Place files in webroot directory (webroot)
2: Spin up a temporary webserver (standalone)
-------------------------------------------------------------------------------
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 1
Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for test-ehrvm.primate.wisc.edu
Using the webroot path /space/application/local/well-known for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. test-ehrvm.primate.wisc.edu (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for test-ehrvm.primate.wisc.edu
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: test-ehrvm.primate.wisc.edu
Type: unknownHost
Detail: No valid IP addresses found for test-ehrvm.primate.wisc.edu
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
My operating system is (include version): CentOS Linux release 7.1.1503 (Core)
My web server is (include version): NGINX 1.13.0
My hosting provider, if applicable, is: N/A
I can login to a root shell on my machine (yes or no, or I don’t know): Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No
I don’t understand why it claims the host is unreachable:
- Google’s DNS servers give the correct IP address.
- I am able to access a public test file being served by the host from my home network through public DNS and internet (as opposed to internal networks).
- I was able to set this up for another host, ehrvm.primate.wisc.edu, with essentially the same configuration: the only difference is the hostname.
- DNS Viz shows no problems that exist for test-ehrvm that don’t exist for ehrvm (which worked flawlessly).
I’m running Tomcat being NGINX, but NGINX redirects all requests for anything under /.well-known/
to a web root directory that certbot can write to, as demonstrated by the fact that the test file is being served and the fact that the process worked on ehrvm.primate.wisc.edu.