Problem with certbot --nginx

Hey,
sudo certbot --nginx -d chess-calculator.com -d www.chess-calculator.com
don’t work for me:

Failed authorization procedure. www.chess-calculator.com (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for www.chess-calculator.com, chess-calculator.com (http-01): urn:ietf:params:acme:error:dns :: No valid IP addresses found for chess-calculator.com

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: www.chess-calculator.com
    Type: None
    Detail: No valid IP addresses found for www.chess-calculator.com

    Domain: chess-calculator.com
    Type: None
    Detail: No valid IP addresses found for chess-calculator.com

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

while here:


I have an IP address everywhere.

I use Ubuntu 18.04

Do you know what the problem is?

The IP address you are pointing your domain to is a Reserved IP address:

A private, inaccessible, IANA/IETF-reserved IP address was found for chess-calculator.com. Let’s Encrypt will always fail HTTP validation for any domain that is pointing to an address that is not routable on the internet. You should either remove this address and replace it with a public one or use the DNS validation method instead.
192.168.1.131

Since Let’s Encrypt isn’t inside your LAN, it can’t connect to your web server to validate that you actually control the domain. You can read more about the HTTP challenge here: https://letsencrypt.org/docs/challenge-types/#http-01-challenge

If you want to be able to issue a certificate this way, and for your website to be available to visitors outside of your LAN, you need to make your website available on a public IP address.

1 Like

Hi @jufwoh

there

is a big warning:

Grade Y - Private IP-Address found

Y chess-calculator.com

192.168.1.131
Warning: Private ip address found. No connection possible. There are two types of ip addresses: Worldwide unique, global addresses and private addresses. If you want that other users connect your domain, your domain must have minimal one A- (ipv4) or AAAA- (ipv6) entry with a global ip address. Check https://en.wikipedia.org/wiki/Private_network to understand the details: 192.168.0.0 to 192.168.255.255: Class C - 256 private net, every with 256 addresses

Same as @_az wrote. You need a public ip address.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.