Using A records instead of DNS

My client's domain name and email are hosted by iPower! He has been with them a long time and does not want to change. I used A records to point to his new website because I could not change the DNS. Is there a way to use A Records with Let's Encrypt that is free with the hosting package. If not are there suggestions on how I can get an SSL using A records only?

My domain is:
I ran this command:

It produced this output:

My web server is (include version):
Hostinger VPS with CloudPanel
The operating system my web server runs on is (include version):
Ubuntu 22.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): CloudPanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

SSL/TLS Certificates | CloudPanel | Documentation


Thank you, I did look at this. It seems that the free Let's Encrypt SSL is out of the question. Which is what I was hoping to find a way here. If not I will purchase and import as mentioned at the bottom of the page you recommended.

1 Like

Here is what I see for DNS A records (and other records as well).


That is correct. My question; is there a way to use the free version of Let's Encrypt? It states DNS is required. Or purchase and import certificate?

I think you may misunderstand something.

An A record that points to a web service (like Apache or nginx) can be used to get a Let's Encrypt cert. This is called the HTTP Challenge. Or, more advanced is a TLS-ALPN challenge using port 443 which also uses an A record. An AAAA record for IPv6 is also supported for either.

There is also an option to use a TXT record in the DNS for the DNS Challenge.

I believe the CloudPanel docs you were referred to use the HTTP Challenge.

Why do you think this won't work? Can you explain in more detail? Here is info about the challenge types


Correct. To use the HTTP Challenge the DNS must have an A (and/or AAAA) record that points to the web service.

These records would be needed by anyone on the public internet to find and connect to your domain. This is not unique to Let's Encrypt

Bruce's post showed that a DNS A record for already points to I also see DNS A record for and I don't know why CloudPanel can't see them.

Maybe you just need to instruct CloudPanel about that? I'm not sure I don't use CloudPanel and didn't read their docs. This might be a better question for their support forum


Using the online tool Let's Debug yields these results with results of OK for the HTTP-01 challenge of the Challenge Types - Let's Encrypt.

I don't see the problem.

1 Like

I am puzzled about which domain name is the problem too.

The latest panel showed which has an A record but the connection to it fails. Maybe that is why CloudPanel gives an error?

The IP for looks to belong to Hetzner in Germany. But, you say the hosting provider is Hostinger.

Which domain name are you trying to get a cert for?

3 Likes is an example in the support doc I screenshot. Sorry for the confusion.
Thank you. I am looking into the challenge right now.

1 Like

Thank you both. I was able to install the Let's Encrypt Certificate.


Can you please specify what the issue was and what fixed that issue for you? Then you can mark your post as the answer to the thread for future readers :slight_smile:


The issue turned out to be that I misinterpreted the statement in the documents that said a DNS record pointing to this server is required to issue the Let's Encrypt Certificate. I assumed that meant the NS records that I could not change due to the email issue. So I did not test the install. After this conversation I tested the install, as mentioned the domain was pointed using A records. I am assuming the installation does the challenge types referenced above and the certificate installed without a hitch.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.