Unable to determine base domain

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: n64088.org and results.sarasotasailingsquadron.org

I ran this command:

sudo certbot certonly --server https://acme-v02.api.letsencrypt.org/directory
–cert-name n64088.org
–dns-digitalocean
–dns-digitalocean-propagation-seconds 60
–dns-digitalocean-credentials ~/.secrets/certbot/n64088.digitalocean.ini
-d n64088.org -d *.n64088.org
–dns-digitalocean
–dns-digitalocean-propagation-seconds 60
–dns-digitalocean-credentials ~/.secrets/certbot/sss.digitalocean.ini
-d results.sarasotasailingsquadron.org
–dry-run

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator dns-digitalocean, Installer None
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for n64088.org
dns-01 challenge for n64088.org
dns-01 challenge for results.sarasotasailingsquadron.org
Cleaning up challenges
Encountered exception during recovery:
Traceback (most recent call last):
File “/home/flymike/.local/lib/python3.5/site-packages/certbot/auth_handler.py”, line 69, in handle_authorizations
resps = self.auth.perform(achalls)
File “/home/flymike/.local/lib/python3.5/site-packages/certbot/plugins/dns_common.py”, line 58, in perform
self._perform(domain, validation_domain_name, validation)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 47, in _perform
self._get_digitalocean_client().add_txt_record(domain, validation_name, validation)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 76, in add_txt_record
domain = self._find_domain(domain_name)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 163, in _find_domain
.format(domain_name, domain_name_guesses))
certbot.errors.PluginError: Unable to determine base domain for n64088.org using names: [‘n64088.org’, ‘org’].

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File “/home/flymike/.local/lib/python3.5/site-packages/certbot/error_handler.py”, line 124, in _call_registered
self.funcs-1
File “/home/flymike/.local/lib/python3.5/site-packages/certbot/auth_handler.py”, line 220, in _cleanup_challenges
self.auth.cleanup(achalls)
File “/home/flymike/.local/lib/python3.5/site-packages/certbot/plugins/dns_common.py”, line 77, in cleanup
self._cleanup(domain, validation_domain_name, validation)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 50, in _cleanup
self._get_digitalocean_client().del_txt_record(domain, validation_name, validation)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 116, in del_txt_record
domain = self._find_domain(domain_name)
File “/usr/local/lib/python3.5/dist-packages/certbot_dns_digitalocean/dns_digitalocean.py”, line 163, in _find_domain
.format(domain_name, domain_name_guesses))
certbot.errors.PluginError: Unable to determine base domain for n64088.org using names: [‘n64088.org’, ‘org’].
Unable to determine base domain for n64088.org using names: [‘n64088.org’, ‘org’].
My web server is (include version): apache 2.4.18

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: DigitalOcean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.35.1

I have 2 domains on a single certificate because one domain is an Apache ServerAlias for the other.
Additionally the 2 domains are held under different DO accounts - which is why there are 2 separate --dns-digitalocean-credentials options specifed.
I am renewing an existing certificate, using a command which has worked in the past - so this might be an intermittent problem.

Hi,

Since you’ve said that the setup works fine in the past, what will happen if you run sudo certbot renew?

Thank you

Good idea, thanks. Tried it - got same error.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.