Your domain name was entered correctly and the DNS A/AAAA record(s)

Hi everyone,

I couldn't obtain a certificate due to errors with the DNS A/AAAA record(s); however, they were already configured on Cloudflare.

Could you please help, folks? :slight_smile:

Nginx config:

server {
        root /var/www/hybridized;
        index index.php index.html index.htm index.nginx-debian.html;

        #listen [::]:443 ssl http2 ipv6only=on;
        #listen 443 ssl http2; # managed by Certbot

        client_max_body_size 500M;

        location / {
                #try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php$is_args$args;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
                fastcgi_connect_timeout 300s;
                fastcgi_read_timeout 300s;
                fastcgi_send_timeout 300s;
        }

        location ~ /\.ht {
                deny all;
        }

        location = /favicon.ico { log_not_found off; access_log off; }
        location = /robots.txt { log_not_found off; access_log off; allow all; }
        location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
            expires max;
            log_not_found off;
        }

        location ~ ^/\.user\.ini {
                deny all;
        }
    #ssl_certificate /etc/letsencrypt/live/f{{ defined_http_host }}/fullchain.pem; # managed by Certbot
    #ssl_certificate_key /etc/letsencrypt/live/{{ defined_http_host }}/privkey.pem; # managed by Certbot
    # include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

My domain is: hybridized

I ran this command: sudo certbot --nginx -d -d

It produced this output:

organic@server:/tmp$ sudo certbot --nginx -d -d
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Requesting a certificate for and
Performing the following challenges:
http-01 challenge for
Waiting for verification...
Challenge failed for domain
http-01 challenge for
Cleaning up challenges
Some challenges have failed.

 - The following errors were reported by the server:

   Type:   unauthorized
   Detail: Invalid response from
   [2606:4700:3031::6815:5fd0]: "<!DOCTYPE html>\n<!--[if lt IE 7]>
   <html class=\"no-js ie6 oldie\" lang=\"en-US\">
   <![endif]-->\n<!--[if IE 7]>    <html class=\"no-js "

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

My web server is (include version): nginx/1.21.3

The operating system my web server runs on is (include version): Ubuntu 21.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0


Why would you remove the "TLS" entries from your vhost? (a step in the wrong direction)
It now has no listen statement. (not even sure how nginx will use that)
Being behind Cloudflare, all of LE's challenge requests will come to your server as HTTPS requests, as seen in the failure:


Thanks for your help, mate. Adding "TLS" entries solved the problem.

Strange, it worked before when I was setting up Nginx config files with the HTTP/2 protocol with GoDaddy, though. I haven't had any problems with other domain registrars; I have 8 more websites on the host :slight_smile:
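
Added example (not part of the thread, and not certbot's or nginx's own code): a Python pre-flight check for the condition raised in the reply above, a server block whose `listen` directives are all commented out. The names `audit_vhosts` and `summarise` and the sample config are constructed for illustration; the parser assumes one directive per line and no braces inside quoted strings.

```python
import re

def summarise(block):
    ports = {}
    for args in block["listen"]:
        m = re.search(r"(?:^|:)(\d+)$", args[0])
        port = int(m.group(1)) if m else 80  # address given without a port: 80
        ports[port] = ports.get(port, False) or "ssl" in args[1:]
    # With no active listen, nginx falls back to *:80 (*:8000 if not run as root).
    return {"ports": sorted(ports), "tls_ports": sorted(p for p in ports if ports[p]),
            "implicit_default_listen": not ports, "commented_listen": block["commented"]}

def audit_vhosts(conf_text):
    """Return one finding per server block in an nginx config string."""
    findings, depth, pending, cur = [], 0, "", None
    for raw in conf_text.splitlines():
        code, _, comment = raw.partition("#")
        if cur is not None and re.match(r"\s*listen\b", comment):
            cur["commented"].append(comment.strip())  # disabled directive, no effect
        for tok in re.findall(r"[{}]|[^{};]+;?", code):
            text = tok.strip()
            if text == "{":
                depth += 1
                if pending == "server":
                    cur = {"depth": depth, "listen": [], "commented": []}
                pending = ""
            elif text == "}":
                if cur is not None and depth == cur["depth"]:
                    findings.append(summarise(cur))
                    cur = None
                depth -= 1
            elif text.endswith(";"):
                words = text[:-1].split()
                if cur and depth == cur["depth"] and words[:1] == ["listen"] and words[1:]:
                    cur["listen"].append(words[1:])
            elif text:
                pending = text  # header of the block that opens next
    return findings

# Constructed sample: first block mirrors the thread's vhost, second is a contrast case.
SAMPLE = """
server {
    #listen [::]:443 ssl http2 ipv6only=on;
    #listen 443 ssl http2; # managed by Certbot
    location / { try_files $uri $uri/ /index.php$is_args$args; }
}
server {
    listen 80;
    listen [::]:443 ssl http2;
}
"""
```

The full effective configuration can be passed in from `nginx -T`; a block reported with `implicit_default_listen` set and an empty `tls_ports` list is one to fix before requesting a certificate.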

