Jump to content

How to fix error setting SSL with certbot using?

Recommended Posts

I try to set ssl for my php/laravel application under Digital Ocean with Kubuntu 18
as in this articles

But I got error trying to use certbot to obtain a free SSL certificate :
# sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                                                                                                                                                                        
Apache Full (v6)           ALLOW       Anywhere (v6)                                                                                                                                                                   
443 (v6)                   ALLOW       Anywhere (v6)                                                                                                                                                                   
80 (v6)                    ALLOW       Anywhere (v6)                                                                                                                                                                   
22/tcp (v6)                ALLOW       Anywhere (v6)                                                                                                                                                                   
# sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk                                                                              
Saving debug log to /var/log/letsencrypt/letsencrypt.log                                                                                                                                                               
Plugins selected: Authenticator apache, Installer apache                                                                                                                                                               
Obtaining a new certificate                                                                                                                                                                                            
Performing the following challenges:
http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk
http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.products-catalog.nilov-sergey-demo-apps.tk

 - The following errors were reported by the server:

   Domain: www.products-catalog.nilov-sergey-demo-apps.tk
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for

products-catalog.nilov-sergey-demo-apps.tk - that is my domain I got on freenom.com and seaerch I found a hint that 
I need to add A-record for www subdomain

I tried to add new record as  preview
But trying to sumbit this page I got: 

• Error occured: Invalid value in dnsrecord

What is wrong ? Can new record be issue of my problem ? Or I need to move in other way ?

Configuration in appache is :
 <VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/lprods/public    
    ServerName products-catalog.nilov-sergey-demo-apps.tk
    ServerAlias products-catalog.nilov-sergey-demo-apps.tk
    <Directory /var/www/html/lprods/public>
      AllowOverride All
      Order Deny,Allow
      Allow from all
      Require all granted
    Options FollowSymLinks
    DirectoryIndex index.php
    ErrorLog /var/www/html/lprods/storage/logs/error.log
    CustomLog /var/www/html/lprods/storage/logs/access.log combined
with line in /etc/hosts  products-catalog.nilov-sergey-demo-apps.tk

Can it be issue with my problem ?


Share this post

Link to post
Share on other sites

"www.products-catalog.nilov- sergey -demo-apps. tk " does not resolve to an IP address.

You need either an "A" or a "CNAME" record for "www.products-catalog.nilov-sergey-demo-apps.tk"

An "A" record will point to the IP address.

But if "www.products-catalog.nilov- sergey -demo-apps. tk" has the same IP as "products-catalog.nilov- sergey -demo-apps. tk", then you can use a "CNAME" record pointing to "products-catalog.nilov- sergey -demo-apps. tk"

  • Great Answer 1

Share this post

Link to post
Share on other sites

Sorry I attached printscreen with my options and attempts to add new dns



Is it what I tried to do ?  Why I got error ?

Edited by mstdmstdd

Share this post

Link to post
Share on other sites

I made some more review and found next :
IP of my server is and under ssh I enter the console of OS as 

ssh root@

But in my /etc/hosts file I had next lines pointing to some other hosts on this server:

# localhost localhost.localdomain localhost  box.example.com box

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts  votes.nilov-sergey-demo-apps.tk  products-catalog.nilov-sergey-demo-apps.tk  csvp.nilov-sergey-demo-apps.tk


I modified 3 last lines as :  votes.nilov-sergey-demo-apps.tk  products-catalog.nilov-sergey-demo-apps.tk  csvp.nilov-sergey-demo-apps.tk

But I still not sure is that is valid value, as I have next error again:

# sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
Saving debug log to /var/log/letsencrypt/letsencrypt.log 
Plugins selected: Authenticator apache, Installer apache 
Obtaining a new certificate 
Performing the following challenges: 
http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk 
http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk 
Waiting for verification... 
Cleaning up challenges 
Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up 
A for www.products-catalog.nilov-sergey-demo-apps.tk 
 - The following errors were reported by the server: 
   Domain: www.products-catalog.nilov-sergey-demo-apps.tk 
   Type:   None 
   Detail: DNS problem: NXDOMAIN looking up A for 

 can reason of this error be in wrong IP in /etc/hosts or some other issue ?

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.