How to fix error setting SSL with certbot using?

Discussion in 'Apache' started by mstdmstd, Dec 16, 2018.

  1. #1
    Hello,
    I try to set ssl for my php/laravel application under Digital Ocean with Kubuntu 18
    as in this articles
    https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

    But I got error trying to use certbot to obtain a free SSL certificate :
    
    # sudo ufw status
    Status: active
    
    To Action From
    -- ------ ----
    Apache Full ALLOW Anywhere 
    443 ALLOW Anywhere 
    80 ALLOW Anywhere 
    22/tcp ALLOW Anywhere 
    Apache Full (v6) ALLOW Anywhere (v6) 
    443 (v6) ALLOW Anywhere (v6) 
    80 (v6) ALLOW Anywhere (v6) 
    22/tcp (v6) ALLOW Anywhere (v6) 
    
    # sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
    Saving debug log to /var/log/letsencrypt/letsencrypt.log 
    Plugins selected: Authenticator apache, Installer apache 
    Obtaining a new certificate 
    Performing the following challenges:
    http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk
    http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk
    Waiting for verification...
    Cleaning up challenges
    Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.products-catalog.nilov-sergey-demo-apps.tk
    
    IMPORTANT NOTES:
    - The following errors were reported by the server:
    
    Domain: www.products-catalog.nilov-sergey-demo-apps.tk
    Type: None
    Detail: DNS problem: NXDOMAIN looking up A for
    www.products-catalog.nilov-sergey-demo-apps.tk
    
    Code (markup):

    products-catalog.nilov-sergey-demo-apps.tk - that is my domain I got on freenom.com and seaerch I found a hint that I need to add A-record for www subdomain

    I tried to add new record as https://imgur.com/a/ijFxlzN
    But trying to sumbit this page I got:
    
    • Error occured: Invalid value in dnsrecord
    
    Code (markup):

    IP of my server is 138.68.107.4 and under ssh I enter the console of OS as
    
    ssh root@138.68.107.4
    
    Code (markup):
    But in my /etc/hosts file I had next lines pointing to some other hosts on this server:
    
    # 127.0.0.1 localhost
    127.0.0.1 localhost.localdomain localhost
    138.68.107.4 box.example.com box
    
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    
    138.68.107.4 votes.nilov-sergey-demo-apps.tk
    138.68.107.5 products-catalog.nilov-sergey-demo-apps.tk
    138.68.107.6 csvp.nilov-sergey-demo-apps.tk
    ...
    
    Code (markup):
    I modified 3 lats lines as :
    
    138.68.107.4 votes.nilov-sergey-demo-apps.tk
    138.68.107.4 products-catalog.nilov-sergey-demo-apps.tk
    138.68.107.4 csvp.nilov-sergey-demo-apps.tk
    
    Code (markup):
    But I still not sure is that is valid value, as I have next error again:

    
    # sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
    Saving debug log to /var/log/letsencrypt/letsencrypt.log 
    Plugins selected: Authenticator apache, Installer apache 
    Obtaining a new certificate 
    Performing the following challenges: 
    http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk 
    http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk 
    Waiting for verification... 
    Cleaning up challenges 
    Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up 
    A for www.products-catalog.nilov-sergey-demo-apps.tk 
    IMPORTANT NOTES: 
    - The following errors were reported by the server: 
    
    Domain: www.products-catalog.nilov-sergey-demo-apps.tk 
    Type: None 
    Detail: DNS problem: NXDOMAIN looking up A for 
    www.products-catalog.nilov-sergey-demo-apps.tk
    
    Code (markup):
    can reason of this error be in wrong IP in
    /etc/hosts or some other issue ?

    Thanks!
     
    mstdmstd, Dec 16, 2018 IP
  2. RoseHosting

    RoseHosting Well-Known Member

    Messages:
    230
    Likes Received:
    11
    Best Answers:
    11
    Trophy Points:
    138
    #2
    You do not have DNS entry for
    www.products-catalog.nilov-sergey-demo-apps.tk
    Code (markup):
    (note www.). You should either point the www to the server IP or run the certbot command without
    -d www. products-catalog.nilov-sergey-demo-apps.tk
    Code (markup):
     
    RoseHosting, Dec 18, 2018 IP