Problem with unkownHost after several hours

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

tallifnatt.catears.se

I ran this command:

sudo certbot --authenticator webroot --webroot-path /var/www --installer apache

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer apache

Which names would you like to activate HTTPS for?

1: tallifnatt.catears.se

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for tallifnatt.catears.se
Using the webroot path /var/www for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. tallifnatt.catears.se (http-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for tallifnatt.catears.se

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: tallifnatt.catears.se
    Type: unknownHost
    Detail: No valid IP addresses found for tallifnatt.catears.se

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

My web server is (include version):

Server version: Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version):

Ubuntu 16.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

no

I have tried to create a certificate with the help of letsencrypts and certbot. It has worked previously on other servers that I own but did not for this one. I got the message I pasted above which suggests that letsencrypt cannot find my server, however when I use my browser and when I use dig (dig tallifnatt.catears.se or dig @8.8.8.8 tallifnatt.catears.se) it gives me the right IP-address. I am not an expert with these things so I would really like some help figuring out why this isn’t working…

tallifnatt.catears.se.  (signed)  3515  A  100.64.43.225

That isn’t a public IP address. It’s a private, shared IP address reserved for Carrier-Grade NAT, similar to how 192.168.x.y addresses are for local networks.

You need a public IP address, IPv4 or IPv6, for Let’s Encrypt HTTP validation.

You can use DNS validation instead, but if you want to run a public website, you would still have a problem…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.