I need to have a cert for a domain without www.-suffix. Please see below, what I did and what I got. I am not running an own nameserver and my ISP is not providing deep subdomaining like sub.sub.domain.tld.
Can you advice?
certbot certonly --webroot -d sub.domain.tld --webroot-path /srv/http/vhosts/sub.domain.tld/
Requesting a certificate for sub.domain.tld
Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Detail: 130.xxx.xxx.xxx: Fetching http://www.sub.domain.tld/.well-known/acme-challenge/jkIAAwwatTmxg97JezQ-tC9JkTfHpio6LXJR8izssjE: DNS problem: NXDOMAIN looking up A for www.sub.domain.tld - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for www.sub.domain.tld - check that a DNS record exists for this domain
I'm sure you mean a www prefix, not suffix. But with that said, it rather looks like sub.domain.tld is trying to redirect to www.sub.domain.tld, which fails due to the latter not having DNS records. But without your sharing the domain name, it's impossible to tell.
It is impossible to offer much in the way of help without a real domain name. The output you shared indicates that you have no DNS for the hostname, though. That will prevent you from obtaining a certificate.