SSL Certificate Error Can’t be Fixed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:napfeny.xyz

I ran this command: Virtualmin-SSL Certificate-Let's encrypt-request certificate

It produced this output: Challenge failed for domain admin.napfeny.xyz (logfile below)

My web server is (include version):Apache (Virtualmin package)

The operating system my web server runs on is (include version):Ubuntu Linux 20.04.2

My hosting provider, if applicable, is:n/a , running on a desktop computer

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): virtualmin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Here are the error messages:
request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for admin.napfeny.xyz
http-01 challenge for mail.napfeny.xyz
http-01 challenge for napfeny.xyz
http-01 challenge for webmail.napfeny.xyz
http-01 challenge for www.napfeny.xyz
Using the webroot path /home/napfeny/public_html for all unmatched domains.
Waiting for verification…
Challenge failed for domain admin.napfeny.xyz
Challenge failed for domain mail.napfeny.xyz
Challenge failed for domain napfeny.xyz
Challenge failed for domain webmail.napfeny.xyz
Challenge failed for domain www.napfeny.xyz
http-01 challenge for admin.napfeny.xyz
http-01 challenge for mail.napfeny.xyz
http-01 challenge for napfeny.xyz
http-01 challenge for webmail.napfeny.xyz
http-01 challenge for www.napfeny.xyz
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:

The following errors were reported by the server:

Domain: admin.napfeny.xyz
Type: dns
Detail: No valid IP addresses found for admin.napfeny.xyz

Domain: mail.napfeny.xyz
Type: dns
Detail: No valid IP addresses found for mail.napfeny.xyz

Domain: napfeny.xyz
Type: dns
Detail: No valid IP addresses found for napfeny.xyz

Domain: webmail.napfeny.xyz
Type: dns
Detail: No valid IP addresses found for webmail.napfeny.xyz

Domain: www.napfeny.xyz
Type: dns
Detail: No valid IP addresses found for www.napfeny.xyz

Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.

DNS-based validation failed
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for admin.napfeny.xyz
dns-01 challenge for mail.napfeny.xyz
dns-01 challenge for napfeny.xyz
dns-01 challenge for webmail.napfeny.xyz
dns-01 challenge for www.napfeny.xyz
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification…
Challenge failed for domain admin.napfeny.xyz
Challenge failed for domain mail.napfeny.xyz
Challenge failed for domain napfeny.xyz
Challenge failed for domain webmail.napfeny.xyz
Challenge failed for domain www.napfeny.xyz
dns-01 challenge for admin.napfeny.xyz
dns-01 challenge for mail.napfeny.xyz
dns-01 challenge for napfeny.xyz
dns-01 challenge for webmail.napfeny.xyz
dns-01 challenge for www.napfeny.xyz
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:

The following errors were reported by the server:

Domain: admin.napfeny.xyz
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.admin.napfeny.xyz - check that a DNS record exists
for this domain

Domain: mail.napfeny.xyz
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.mail.napfeny.xyz - check that a DNS record exists
for this domain

Domain: napfeny.xyz
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.napfeny.xyz - check that a DNS record exists for
this domain

Domain: webmail.napfeny.xyz
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.webmail.napfeny.xyz - check that a DNS record
exists for this domain

Domain: www.napfeny.xyz
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.www.napfeny.xyz - check that a DNS record exists
for this domain
1 Like

Hi @ttorok

the not working result is expected, see your check, some hours old - https://check-your-website.server-daten.de/?q=napfeny.xyz

Host Type IP-Address is auth. ∑ Queries ∑ Timeout
napfeny.xyz A 192.168.0.55 No Hostname found yes 1 0
AAAA yes
www.napfeny.xyz A 192.168.0.55 No Hostname found yes 1 0
AAAA yes

That's Grade Y, a private ip address, that's not a unique, public visible ip address.

Change that or switch to dns validation.

But your Virtualmin must be able to update your name servers - dns1.registrar-servers.com is one.

If you have only a local dns, that will not work.

Read the required basics:

2 Likes