Unknowndomain error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: minhajs.tk

I ran this command:sudo certbot --nginx certonly

It produced this output:Failed authorization procedure. www.minhajs.tk (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: unknownHost :: No valid IP addresses found for www.minhajs.tk

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: www.minhajs.tk
    Type: connection
    Detail: unknownHost :: No valid IP addresses found for
    www.minhajs.tk

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address. Additionally, please check that
    your computer has a publicly routable IP address and that no
    firewalls are preventing the server from communicating with the
    client. If you’re using the webroot plugin, you should also verify
    that you are serving files from the webroot path you provided.

My web server is (include version):nginx

The operating system my web server runs on is (include version): ubuntu 18.04

Hi @minhaj-shakeel

checking your domain the problem is simple ( https://check-your-website.server-daten.de/?q=minhajs.tk ):

Host T IP-Address is auth. ∑ Queries ∑ Timeout
minhajs.tk A 10.10.3.29 yes 1 0
AAAA yes
www.minhajs.tk A 10.10.3.29 yes 1 0
AAAA yes

The 10.* is a private network:

Y minhajs.tk
10.10.3.29
warning: Private ip address found: 10.0.0.0 to 10.255.255.255: Class A - one private net with 16.777.216 adresses
Y www.minhajs.tk
10.10.3.29
warning: Private ip address found: 10.0.0.0 to 10.255.255.255: Class A - one private net with 16.777.216 adresses

Your domain must have a public visible ipv4 or / and ipv6 address.

Or you have to use dns-01 validation, then no ip address / webserver is required.

Thanks for the reply , I understand my mistake of attaching private address with my domain . Actually I want to host static website on my computer(which is connected over wifi ) using nginx .When I use public IP address of the system , I still get error

IMPORTANT NOTES:

Now your port 80 is invisible, only timeouts ( https://check-your-website.server-daten.de/?q=minhajs.tk ):

Domainname Http-Status redirect Sec. G
http://minhajs.tk/
1.6.123.106 -14 10.027 T
Timeout - The operation has timed out
http://www.minhajs.tk/
1.6.123.106 -14 10.024 T
Timeout - The operation has timed out
https://minhajs.tk/
1.6.123.106 200 1.683 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
https://www.minhajs.tk/
1.6.123.106 200 1.730 N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
http://minhajs.tk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
1.6.123.106 -14 10.033 T
Timeout - The operation has timed out
Visible Content:
http://www.minhajs.tk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
1.6.123.106 -14 10.030 T
Timeout - The operation has timed out

If you want to use http-01 validation, an open and answering port 80 is required.

So check your firewall / router and allow http traffic.

thanks for the reply, I want to state a couple of points.
1 - When I ping minhajs.tk, it is working fine, But not from any machine which is connected to any other network.
2-I also checked for firewall issue using command sudo ufw status and it gave output

>  To                         Action      From
> --                         ------      ----
> 443/tcp                    ALLOW       Anywhere                   # Open all to access Nginx port 443
> 80/tcp                     ALLOW       Anywhere                   # Open access Nginx port 80
> 22/tcp                     ALLOW       Anywhere                   # Open access OpenSSH port 22
> 443/tcp (v6)               ALLOW       Anywhere (v6)              # Open all to access Nginx port 443
> 80/tcp (v6)                ALLOW       Anywhere (v6)              # Open access Nginx port 80
> 22/tcp (v6)                ALLOW       Anywhere (v6)              # Open access OpenSSH port 22

So I want to ask that is there a possibility that Router have firewall issues and not my machine .(As I am working in a enterprise)
3 - I want to just host a stellar.toml file over https connection , be it locally .so it there any other approach that I should follow .

1 Like

Ping isn't relevant, may be blocked. More important: Do you have a running port 80?

Yes, that's possible. A router may block port 80. Or your ISP blocks port 80.

So how do I check that Router may have blocked port 80.

Check the router. Or ask someone who manages the router.

Ok thanks , but what if i want to host website on private ip address . How is dns-01 authenication done as pointed by you in your first response

Please read the documentation:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.