I'm unable to get and configure certificates for a new webapp. Below are details:
Currently hosted domain (Godaddy) : passerel.ca
Domain name to get help : passerel.passerel.ca (DNS recorded for internal server - hosts file)
I ran the command certbot --apache
It produced this output:
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: passerel.passerel.ca
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for passerel.passerel.ca - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for passerel.passerel.ca - check that a DNS record exists for this domain
My web server is Apache/2.4.6 (CentOS)
The operating system my web server runs on is CentOs 7
My hosting provider is: GoDaddy
I can login to the hosted machine but with an account with no-root priviledges. For example, I can't restart Apache...
If it's intended to be a non-publicly-accessible server, then rather than adding the hostname to DNS you can use the DNS-01 challenge to just add a TXT record to the DNS server rather than needing to make the web server itself accessible. But details for how to do that depend on a lot on how well your DNS provider supports API-based updates, and what access you have to your system to run something. I'm surprised you are trying certbot at all if you don't have root access, as I didn't think that usually worked. If your hosting provider is setting up their control panel right it should just work and handle all DNS updates itself, but many hosting companies don't want to or don't know how to make supporting HTTPS easy.
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: passerel.passerel.ca
Type: dns
Detail: DNS problem: NXDOMAIN looking up A for passerel.passerel.ca - check that a DNS record exists for this domain; DNS problem: NXDOMAIN looking up AAAA for passerel.passerel.ca - check that a DNS record exists for this domain
Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.
If this is supposed to be a public site, then you're going about this backwards:
First, get the site working and publicly accessible to the Internet.
Second, work on adding HTTPS.
Doing it the other way around is going to make things much harder on yourself. Let's Encrypt needs to verify that you own the name you're looking for a certificate for, as seen by everyone on the Internet. So you need to establish ownership of the name first, and often the easiest way to do that is to have your site publicly visible.