No valid IP addresses found for domain


#1

I am hosting my website in the digital ocean server droplet. I have done it before, but now I need to obtain a certificate as well. If i host my application without configuring certificate I can access it both by ip and by www.forcecommit.com domain name. But trying to obtain a certificate and running this command:
sudo certbot --nginx -d forcecommit.com -d www.forcecommit.com
I get this error:

  Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for forcecommit.com
    http-01 challenge for www.forcecommit.com
    Waiting for verification...
    Cleaning up challenges
    Failed authorization procedure. forcecommit.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: unknownHost :: No valid IP addresses found for forcecommit.com

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: forcecommit.com
   Type:   connection
   Detail: unknownHost :: No valid IP addresses found for
   forcecommit.com

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
 - Your account credentials have been saved in your Certbot
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Certbot so
   making regular backups of this folder is ideal.

I am a little bit confused because I can ping that website and I get the response. What could be the problem?


#2

Hi @Tomheza

your www has an ipv4 address, your non-www not ( checked with https://check-your-website.server-daten.de/?q=forcecommit.com ).

Host T IP-Address is auth. ∑ Queries ∑ Timeout
forcecommit.com A yes 1 0
AAAA yes
www.forcecommit.com A 104.248.24.36 yes 1 0
AAAA yes

So your non-www is invisible.

Create an A record in your dns settings with forcecommit.com and the same ip address.


#3

You were right! I don’t know why I didn’t think it was necessary!