Please view it
Please correct me, If I am wrong.
1 Like
I have entered below values while creating TXT record,
Name: _acme-challenge.veplopenhab.ga or veplopenhab.ga
Target: Twp72nXkjAyrzv-pLg6CjwDWYgc9kfF3MT8zUtyMwmM
I am getting below error,
1 Like
I was able to enter your record into a domain in Freenom successfully.
See the screenshot:
resulting in:
1 Like
You mean you have created a record for me in your account.
After you sharing the screenshot, I gave “enter” command in terminal, I am getting this error,
Twp72nXkjAyrzv-pLg6CjwDWYgc9kfF3MT8zUtyMwmM
Before continuing, verify the record is deployed.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Waiting for verification…
Resetting dropped connection: acme-v02.api.letsencrypt.org
Resetting dropped connection: acme-v02.api.letsencrypt.org
Cleaning up challenges
_Failed authorization procedure. veplopenhab.ga (dns-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up TXT for acme-challenge.veplopenhab.ga
IMPORTANT NOTES:
_ - The following errors were reported by the server:_
_ Domain: veplopenhab.ga_
_ Type: None_
_ Detail: DNS problem: NXDOMAIN looking up TXT for_
_ acme-challenge.veplopenhab.ga
1 Like
No, I can't control the records for your account. I'm just showing you the successful way to use the Freenom interface. You need to do it yourself.
and after you do it, wait a couple of minutes before continuing, as there is some delay.
1 Like
That’s great. I can see it is visible in DNS, so if you proceed now, it should succeed to create a certificate.
1 Like
After pressing “Enter”, I am not getting error. It is asking for choice.
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you’re confident your site works on HTTPS. You can undo this
change by editing your web server’s configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel):
I dont know which one appropriate for me. Can you please help me on this ?
can i select 2 ?
1 Like
I recommend No Redirect - you can always add a redirect later.
1 Like
It will solve this issue 
1 Like
It will solve that issue whether you use a redirect or not. The option is about forcing HTTPS.
You can enable it if you want, it’s easy to get rid of (or to add) at any time.
Once you’re done, you should be able to visit https://veplopenhab.ga and it should not complain about security.
1 Like
I have selected option 1 and got the certificate successfully,
Congratulations! You have successfully enabled https://veplopenhab.ga
You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=veplopenhab.ga
Thank you so much. With you help, I have got certificate successfully.
3 Likes
Hi _az,
For redirecting certificate to my website, I need to create .conf file /etc/apache2/sites-available/.
Am I correct ?.
If so, Can you please share required code for this ?.
1 Like
If you want Certbot to add a redirect, you can just run:
certbot --cert-name veplopenhab.ga
it will ask you:
What would you like to do?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: Attempt to reinstall this existing certificate
2: Renew & replace the cert (limit ~5 per 7 days)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):
Select “1”
it will then ask you:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel):
and you can select “2” this time.
2 Likes
If that says: https://10.x.x.x/ then the LE cert will also fail.
As LE certs are ONLY for names not for IPs.
You will have to use: https://A.REAL.NAME/
1 Like
1 Like
After running, “certbot --cert-name veplopenhab.ga”
Still, I am seeing the error.
When run like this “certbot --cert-name https://veplopenhab.ga”. I am getting below error,
ananth@ananth:~$ sudo certbot --cert-name https://veplopenhab.ga
_[sudo] password for ananth: _
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: veplopenhab.ga
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ‘c’ to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for veplopenhab.ga
Enabled Apache rewrite module
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
FileNotFoundError: [Errno 2] No such file or directory: ‘/etc/letsencrypt/renewal/https://veplopenhab.ga.conf’
Please see the logfiles in /var/log/letsencrypt for more details.
ananth@ananth:~$ sudo certbot --cert-name veplopenhab.ga
It seems it looking for this folder " etc/letsencrypt/renewal/https://veplopenhab.ga.conf’"
1 Like
You can’t validate over port 8443.
And until you have a cert, you can’t use cert-name.
So try:
certbot -d veplopenhab.ga
or maybe also add the www to the cert:
certbot -d veplopenhab.ga -d www.veplopenhab.ga
1 Like
OP already has a valid certificate over port 443. No need to issue a new one.
I’m not sure why you changed my --cert-name command from my earlier post. Just run it exactly as it appears in the post.
1 Like
Hi _az, I have verified port 8443, I was getting the error. So I changed the command and tried.
Now, If run this command “certbot -d veplopenhab.ga -d www.veplopenhab.ga”, I am getting this error,
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/veplopenhab.ga:8443.conf)
It contains these names: veplopenhab.ga
You requested these names for the new certificate: veplopenhab.ga,
www.veplopenhab.ga.
Do you want to expand and replace this existing certificate with the new
certificate?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(E)xpand/©ancel: e
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for veplopenhab.ga
http-01 challenge for www.veplopenhab.ga
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.veplopenhab.ga (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.veplopenhab.ga
IMPORTANT NOTES:
_ - The following errors were reported by the server:_
_ Domain: www.veplopenhab.ga_
_ Type: None_
_ Detail: DNS problem: NXDOMAIN looking up A for www.veplopenhab.ga_
Do I need to delete this folder /etc/letsencrypt/renewal/veplopenhab.ga:8443.conf and re run your command ?
1 Like