My domain is:
api.sergionajera.com
I ran this command:
/opt/letsencrypt/letsencrypt-auto certonly --debug --webroot -w /var/www/api.sergionajera.com -d api.sergionajera.com -d www.api.sergionajera.com --config /etc/letsencrypt/config.ini --agree-tos
It produced this output:
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: api.sergionajera.com
   Type: unauthorized
   Detail: Invalid response from
   http://api.sergionajera.com/.well-known/acme-challenge/CAguyx7MeOEb4ReMCHWQT39qok1K6UpaX-PewaTqff4
   [18.217.175.207]: 404

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.
 - The following errors were reported by the server:

   Domain: www.api.sergionajera.com
   Type: dns
   Detail: DNS problem: NXDOMAIN looking up A for
   www.api.sergionajera.com - check that a DNS record exists for this
   domain
My web server is (include version):
nginx/1.14.2
The operating system my web server runs on is (include version):
Linux/unix EC2 instance
uname -r
4.19.0-9-amd64
My hosting provider, if applicable, is:
AWS
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
/opt/letsencrypt/letsencrypt-auto --version
certbot 1.7.0
Hi all, I have a peculiar situation, and maybe it can’t even be done. I’m loosely following this guide (https://medium.com/@gnowland/deploying-lets-encrypt-on-an-amazon-linux-ami-ec2-instance-f8e2e8f4fc1f)
But here’s the problem:
I have a Digital Ocean bucket I’m using for my client
I have an AWS EC2 instance for my backend
I have only one domain name (sergionajera.com)
I’m using the networking tab in Digital Ocean to point a subdomain to my EC2 instance, so I can create a cert for it and not have to buy another domain name.
I’m not even sure if this is possible, but since it’s a backend API, I don’t really care what the name is, therefore I don’t want to spend more money on it, but I want the benefits of TLS.
I’m getting the error above, even though I have an A record pointing to that IP address. Any ideas?
tl;dr; I want SSL/TLS on my backend service, but I don’t want to pay for another domain name, so I created a subdomain and am pointing to AWS from Digital Ocean. Not sure if this is even possible.
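
Added example, not part of the original post: a pre-flight script that repeats, from the server itself, the two checks that failed in the output above (a DNS lookup for each -d name, then an HTTP fetch of a file under WEBROOT/.well-known/acme-challenge/). The function names are made up for this example, and it assumes getent and curl are installed.

```shell
#!/bin/sh
# Pre-flight for certbot --webroot (HTTP-01); function names are hypothetical.

# DNS: every -d name must resolve, or the CA reports "Type: dns" (NXDOMAIN).
resolves() {
    getent hosts "$1" >/dev/null 2>&1
}

# Write a probe file where the webroot plugin would put the challenge token.
# Prints the probe's file name.
place_probe() {
    dir="$1/.well-known/acme-challenge"
    name="preflight-$$"
    mkdir -p "$dir" || return 1
    printf 'probe-%s\n' "$name" > "$dir/$name" || return 1
    printf '%s\n' "$name"
}

# URL the validation server would request for this name (plain HTTP, port 80).
probe_url() {
    printf 'http://%s/.well-known/acme-challenge/%s\n' "$1" "$2"
}

# Fetch the probe and compare the body. A 404 here usually means the web
# server is not serving WEBROOT for that host name ("Type: unauthorized").
serves_probe() {
    body=$(curl -fsSL --max-time 10 "$(probe_url "$1" "$2")" 2>/dev/null) || return 1
    [ "$body" = "probe-$2" ]
}

preflight() {
    webroot="$1"; shift
    name=$(place_probe "$webroot") || { echo "cannot write to $webroot"; return 2; }
    rc=0
    for d in "$@"; do
        if ! resolves "$d"; then
            echo "FAIL dns   $d (no A/AAAA record)"; rc=1
        elif ! serves_probe "$d" "$name"; then
            echo "FAIL http  $(probe_url "$d" "$name")"; rc=1
        else
            echo "ok         $d"
        fi
    done
    rm -f "$webroot/.well-known/acme-challenge/$name"
    return "$rc"
}

# Run only when called with arguments: WEBROOT DOMAIN...
if [ "$#" -ge 2 ]; then preflight "$@"; fi
```

Called with the same webroot and names as the certbot command, it reports each name separately, which matches how the CA validated them in the output above.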