"This connection is not private" by IP address, not domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: haines.com

I ran this command: certbot -d haines.com

It produced this output: reported normal certbot success (done this many times)

My web server is (include version): Apache2 2.4.52-1ubuntu4.12

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is: digitalocean.com

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.21.0

On all desktop and tablet browsers, the cert performs perfectly, but on some mobile devices with certain browsers the browser yields the msg above showing a mismatch with the (correct) IP address. The domain's NS A record points to the IP address in the browser error msg OK. Why is 'something' trying to match with the IP address rather than the domain name, and how can I correct? The cert was not issued until the new NS records had been published and available locally (and to the public) to certbot.

1 Like

That's to be expected--browsers ordinarily check that the hostname in the URL matches one of the hostnames on the certificate, and if not (and it won't if you're browsing to an IP address), they show this error.

The solution is simple: don't browse to an IP address, browse to a fully-qualified domain name instead.

This isn't your problem, but this is very old--certbot is up to 3.something now.

5 Likes

Hello @elronaldo, welcome to the Let's Encrypt community.

Using the online tool Let's Debug yields these results https://letsdebug.net/haines.com/2297769

ANotWorking
Error
haines.com has an A (IPv4) record (24.199.124.129) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "https://24.199.124.129/.well-known/acme-challenge/letsdebug-test": No AAAA or A records were found for 24.199.124.129

Trace:
@0ms: Making a request to http://haines.com/.well-known/acme-challenge/letsdebug-test (using initial IP 24.199.124.129)
@0ms: Dialing 24.199.124.129
@354ms: Server response: HTTP 301 Moved Permanently
@354ms: Received redirect to https://24.199.124.129/.well-known/acme-challenge/letsdebug-test
@418ms: Experienced error: No AAAA or A records were found for 24.199.124.129
IssueFromLetsEncrypt
Error
A test authorization for haines.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
24.199.124.129: Fetching https://24.199.124.129/.well-known/acme-challenge/67EBnBnRRLqXoMbwxXjo7W4Fae882r24W8BXRKQFk-M: Invalid host in redirect target "24.199.124.129". Only domain names are supported, not IP addresses

Here is a list of issued certificates crt.sh | haines.com, the latest being 2024-11-30
And here SSL Checker shows the certificate being served is fine.

And here looks fine


with these certificates

2 Likes

For some reason your website is redirecting http://haines.com/ to https://24.199.124.129/.

Please fix your erroneous redirect.

Edit: it redirects everything to that IP address. Even when I ask your webserver for the website example.com, it gets redirected to https://24.199.124.129/.

3 Likes
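A check for the redirect fault diagnosed in this thread, as an added example that is not part of any post: it evaluates one redirect hop against the rules Let's Encrypt applies to HTTP-01 redirects (http or https only, ports 80 or 443, no IP-address hosts). The function names and finding labels are made up for illustration; the sample hop is the one shown in the Let's Debug trace above.

```python
import http.client
import ipaddress
from urllib.parse import urljoin, urlsplit

DEFAULT_PORT = {"http": 80, "https": 443}

def host_is_ip(host):
    """True when the host part of a URL is an IPv4/IPv6 literal, not a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit_redirect(request_url, location):
    """Return findings for one redirect hop; an empty list means it is acceptable."""
    # A Location header may be relative, so resolve it against the request URL.
    target = urlsplit(urljoin(request_url, location))
    if target.scheme not in DEFAULT_PORT:
        return ["bad-scheme"]
    findings = []
    # .hostname strips the brackets from IPv6 literals such as [2001:db8::1].
    if host_is_ip(target.hostname or ""):
        # No DV certificate name can match, and ACME validation rejects the hop.
        findings.append("ip-literal-host")
    if (target.port or DEFAULT_PORT[target.scheme]) not in (80, 443):
        findings.append("bad-port")
    return findings

def fetch_location(url):
    """Fetch one plain-HTTP URL without following redirects (needs network)."""
    u = urlsplit(url)
    conn = http.client.HTTPConnection(u.hostname, u.port or 80, timeout=10)
    conn.request("GET", u.path or "/")
    resp = conn.getresponse()
    return resp.status, resp.getheader("Location")

# Hop copied from the Let's Debug trace in this thread.
SAMPLE_HOP = (
    "http://haines.com/.well-known/acme-challenge/letsdebug-test",
    "https://24.199.124.129/.well-known/acme-challenge/letsdebug-test",
)

if __name__ == "__main__":
    print(audit_redirect(*SAMPLE_HOP))
```

To test a live server, pass the `Location` value returned by `fetch_location()` to `audit_redirect()` together with the URL that was requested.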

Let’s Encrypt offers Domain Validation (DV) certificates, not IP validated.

3 Likes
