Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
On the virtualmin panel "request certificate for
alternatememories.com
www.alternatememories.com
mail.alternatememories.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for alternatememories.com
http-01 challenge for mail.alternatememories.com
http-01 challenge for www.alternatememories.com
Using the webroot path /home/alternatememories.com/public_html for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mail.alternatememories.com (http-01): urn:ietf:params:acme:error:dns :: Fetching https://www.mail.alternatememories.com/.well-known/acme-challenge/nGMw_nw7th3Bi58cdfE6GHvwGgpdDTj6TAzGJ7jOLBc: DNS problem: NXDOMAIN looking up A for www.mail.alternatememories.com - check that a DNS record exists for this domain
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: mail.alternatememories.com
Type: None
Detail: Fetching
https://www.mail.alternatememories.com/.well-known/acme-challenge/nGMw_nw7th3Bi58cdfE6GHvwGgpdDTj6TAzGJ7jOLBc:
DNS problem: NXDOMAIN looking up A for
www.mail.alternatememories.com - check that a DNS record exists for
this domain
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.
My web server is (include version):
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2020-08-12T21:33:25
The operating system my web server runs on is (include version):
Ubuntu 4.15.0-141-generic
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Virtualmin 6.16
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
N/A
The www.alternatememories.com cert is retrieved fine. I don't know why its looking for www.mail.alternatememories.com. All mail servers are working ok, but I have to override the exception in the mail client to useit, which is the problem I'm trying to solve.
Is it possible the DNS entries are borked? Thanks.