Jump to content

How to fix error setting SSL with certbot using?


Recommended Posts

I try to set ssl for my php/laravel application under Digital Ocean with Kubuntu 18
as in this articles

But I got error trying to use certbot to obtain a free SSL certificate :
# sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere                  
443                        ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                                                                                                                                                                        
Apache Full (v6)           ALLOW       Anywhere (v6)                                                                                                                                                                   
443 (v6)                   ALLOW       Anywhere (v6)                                                                                                                                                                   
80 (v6)                    ALLOW       Anywhere (v6)                                                                                                                                                                   
22/tcp (v6)                ALLOW       Anywhere (v6)                                                                                                                                                                   
# sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk                                                                              
Saving debug log to /var/log/letsencrypt/letsencrypt.log                                                                                                                                                               
Plugins selected: Authenticator apache, Installer apache                                                                                                                                                               
Obtaining a new certificate                                                                                                                                                                                            
Performing the following challenges:
http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk
http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.products-catalog.nilov-sergey-demo-apps.tk

 - The following errors were reported by the server:

   Domain: www.products-catalog.nilov-sergey-demo-apps.tk
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for

products-catalog.nilov-sergey-demo-apps.tk - that is my domain I got on freenom.com and seaerch I found a hint that 
I need to add A-record for www subdomain

I tried to add new record as  preview
But trying to sumbit this page I got: 

• Error occured: Invalid value in dnsrecord

What is wrong ? Can new record be issue of my problem ? Or I need to move in other way ?

Configuration in appache is :
 <VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html/lprods/public    
    ServerName products-catalog.nilov-sergey-demo-apps.tk
    ServerAlias products-catalog.nilov-sergey-demo-apps.tk
    <Directory /var/www/html/lprods/public>
      AllowOverride All
      Order Deny,Allow
      Allow from all
      Require all granted
    Options FollowSymLinks
    DirectoryIndex index.php
    ErrorLog /var/www/html/lprods/storage/logs/error.log
    CustomLog /var/www/html/lprods/storage/logs/access.log combined
with line in /etc/hosts  products-catalog.nilov-sergey-demo-apps.tk

Can it be issue with my problem ?

Link to comment
Share on other sites

"www.products-catalog.nilov- sergey -demo-apps. tk " does not resolve to an IP address.

You need either an "A" or a "CNAME" record for "www.products-catalog.nilov-sergey-demo-apps.tk"

An "A" record will point to the IP address.

But if "www.products-catalog.nilov- sergey -demo-apps. tk" has the same IP as "products-catalog.nilov- sergey -demo-apps. tk", then you can use a "CNAME" record pointing to "products-catalog.nilov- sergey -demo-apps. tk"

  • Great Answer 1
Link to comment
Share on other sites

I made some more review and found next :
IP of my server is and under ssh I enter the console of OS as 

ssh root@

But in my /etc/hosts file I had next lines pointing to some other hosts on this server:

# localhost localhost.localdomain localhost  box.example.com box

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts  votes.nilov-sergey-demo-apps.tk  products-catalog.nilov-sergey-demo-apps.tk  csvp.nilov-sergey-demo-apps.tk


I modified 3 last lines as :  votes.nilov-sergey-demo-apps.tk  products-catalog.nilov-sergey-demo-apps.tk  csvp.nilov-sergey-demo-apps.tk

But I still not sure is that is valid value, as I have next error again:

# sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
Saving debug log to /var/log/letsencrypt/letsencrypt.log 
Plugins selected: Authenticator apache, Installer apache 
Obtaining a new certificate 
Performing the following challenges: 
http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk 
http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk 
Waiting for verification... 
Cleaning up challenges 
Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up 
A for www.products-catalog.nilov-sergey-demo-apps.tk 
 - The following errors were reported by the server: 
   Domain: www.products-catalog.nilov-sergey-demo-apps.tk 
   Type:   None 
   Detail: DNS problem: NXDOMAIN looking up A for 

 can reason of this error be in wrong IP in /etc/hosts or some other issue ?

Link to comment
Share on other sites

This thread is more than a year old.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.