Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Obtaining a new certificate
An unexpected error occurred: Error creating new order :: Cannot issue for “username.ddns.net/nextcloud”: Invalid character in DNS name (and 1 more problems. Refer to sub-problems for more information.)
Please see the logfiles in /var/log/letsencrypt for more details.
IMPORTANT NOTES:
Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal.
My web server is (include version):
Apache2.4
The operating system my web server runs on is (include version):
Xubuntu 18.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No, I want to use only ddns
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
$ certbot --version
certbot 0.23.0
I think that the problem is in domain name /nextcloud
But I don’t know how to solve it.
I type in browser username.ddns.net/nextcloud.
It shows me https, but browser tells me that certificate is bad.
You can't create a certificate with a subfolder. Only domain names are allowed.
-d username.ddns.net -d www.username.ddns.net
may work.
But checking your domain with your username there is a http status 500 checking port 80. So creating a certificate can't work. Port 80 must be open and must answer. Read the result ( https://check-your-website.server-daten.de/ ), fix your configuration, then recheck your domain.
Nmap scan report for 95-24-*-.broadband.corbina.ru (95.24.215.70)
Host is up (0.0044s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp filtered telnet
53/tcp open domain
80/tcp open http
443/tcp open https
9091/tcp open xmltec-xmlmail
I think, that port 80, 443 is open, and I redirected it to my local server
certbot certonly --dry-run --webroot -w /var/www/letsencrypt -d username.ddns.net -d www.username.ddns.net
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges: http-01 challenge for username.ddns.net
http-01 challenge for www.username.ddns.net Using the webroot path /var/www/letsencrypt for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. username.ddns.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://username.ddns.net/.well-known/acme-challenge/MF2RN3RHMrO3xchg-ayJ6SvBg4Ai4xC-4ous0lZOJSo [95.24.215.70]: "\n\n500 Internal Server Error\n\n
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Yeeeeah!
I’ve got it! The problem was that in some forums some People adviced me to use own domain+vps+reverse proxy to my server, that’s why I had a lot of anorher settings in conf files such as default-ssl.conf, 000-default.conf. I commented this strings and it gave me the certificates.
And if somebody will ask, can I get certificate for ddns, the answer is YES! And it works fine! (with default settings)
Thank for help.
P. S.
Sorry for my broken English I’m from Russia
I’m from Russia