SSL cert fails for careers.byfaz.org

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: careers.byfaz.org

I ran this command: letsencrypt certonly -w /home/byfaz_live/code/wordpress -d careers.byfaz.org

It produced this output:
Challenge failed for domain careers.byfaz.org
http-01 challenge for careers.byfaz.org
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version): nginx 1.14

The operating system my web server runs on is (include version): ubuntu/bionic64

My hosting provider, if applicable, is: aws

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.38.0

Note: This subdomain is deployed on a different server and hence there are multiple A records. https://check-your-website.server-daten.de/?q=careers.byfaz.org shows “184.168.131.241” as A record which is main domain however careers.byfaz.org is hosted on 13.57.142.249 and added as a new ‘A’ record on GoDaddy.

Thank you for your help!

2 Likes

Hi @Pankti

that “new A record” isn’t visible, so that can’t work.

Host T IP-Address is auth. ∑ Queries ∑ Timeout
careers.byfaz.org A 184.168.131.241 Scottsdale/Arizona/United States (US) - GoDaddy.com, LLC Hostname: ip-184-168-131-241.ip.secureserver.net yes 1 0
AAAA yes

The check must see the new ip, not 184.168.131.241.

PS: Checked manual, now the new ip address is visible -> ah, the check is one day old - 14.04.2020 12:18:10.

So first step: Recheck your domain to see your current configuration.

2 Likes

Yeah. But mxtoolbox.com rightly shows the IP address “13.57.142.249” for careers.byfaz.org while “184.168.131.241” for byfaz.org. I need to issue ssl only for careers.byfaz.org because the main domain has its own certificate.

Is there any solution for this ?

Hi Team,

Any suggestions for this problem ? We are unable to receive the wildcard certificate for main domain from godaddy so we need to generate the new one for subdomain.

https://check-your-website.server-daten.de/?q=careers.byfaz.org correctly points to “13.57.142.249” and could generate the ssl. Seems it took long to propagate.

2 Likes

Now you have rechecked your domain.

“check your website” uses the authoritative name servers, so the results are fresh. But if you don’t recheck your domain, you see the old informations.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.