1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

How to fix error setting SSL with certbot using?

Discussion in 'Apache' started by mstdmstd, Dec 16, 2018.

  1. #1
    Hello,
    I try to set ssl for my php/laravel application under Digital Ocean with Kubuntu 18
    as in this articles
    https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-18-04

    But I got error trying to use certbot to obtain a free SSL certificate :
    
    # sudo ufw status
    Status: active
    
    To Action From
    -- ------ ----
    Apache Full ALLOW Anywhere 
    443 ALLOW Anywhere 
    80 ALLOW Anywhere 
    22/tcp ALLOW Anywhere 
    Apache Full (v6) ALLOW Anywhere (v6) 
    443 (v6) ALLOW Anywhere (v6) 
    80 (v6) ALLOW Anywhere (v6) 
    22/tcp (v6) ALLOW Anywhere (v6) 
    
    # sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
    Saving debug log to /var/log/letsencrypt/letsencrypt.log 
    Plugins selected: Authenticator apache, Installer apache 
    Obtaining a new certificate 
    Performing the following challenges:
    http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk
    http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk
    Waiting for verification...
    Cleaning up challenges
    Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for www.products-catalog.nilov-sergey-demo-apps.tk
    
    IMPORTANT NOTES:
    - The following errors were reported by the server:
    
    Domain: www.products-catalog.nilov-sergey-demo-apps.tk
    Type: None
    Detail: DNS problem: NXDOMAIN looking up A for
    www.products-catalog.nilov-sergey-demo-apps.tk
    
    Code (markup):

    products-catalog.nilov-sergey-demo-apps.tk - that is my domain I got on freenom.com and seaerch I found a hint that I need to add A-record for www subdomain
    SEMrush
    I tried to add new record as https://imgur.com/a/ijFxlzN
    But trying to sumbit this page I got:
    
    • Error occured: Invalid value in dnsrecord
    
    Code (markup):

    IP of my server is 138.68.107.4 and under ssh I enter the console of OS as
    
    ssh root@138.68.107.4
    
    Code (markup):
    But in my /etc/hosts file I had next lines pointing to some other hosts on this server:
    
    # 127.0.0.1 localhost
    127.0.0.1 localhost.localdomain localhost
    138.68.107.4 box.example.com box
    
    
    # The following lines are desirable for IPv6 capable hosts
    ::1 ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ff02::3 ip6-allhosts
    
    138.68.107.4 votes.nilov-sergey-demo-apps.tk
    138.68.107.5 products-catalog.nilov-sergey-demo-apps.tk
    138.68.107.6 csvp.nilov-sergey-demo-apps.tk
    ...
    
    Code (markup):
    I modified 3 lats lines as :
    
    138.68.107.4 votes.nilov-sergey-demo-apps.tk
    138.68.107.4 products-catalog.nilov-sergey-demo-apps.tk
    138.68.107.4 csvp.nilov-sergey-demo-apps.tk
    
    Code (markup):
    But I still not sure is that is valid value, as I have next error again:

    
    # sudo certbot --apache -d products-catalog.nilov-sergey-demo-apps.tk -d www.products-catalog.nilov-sergey-demo-apps.tk 
    Saving debug log to /var/log/letsencrypt/letsencrypt.log 
    Plugins selected: Authenticator apache, Installer apache 
    Obtaining a new certificate 
    Performing the following challenges: 
    http-01 challenge for products-catalog.nilov-sergey-demo-apps.tk 
    http-01 challenge for www.products-catalog.nilov-sergey-demo-apps.tk 
    Waiting for verification... 
    Cleaning up challenges 
    Failed authorization procedure. www.products-catalog.nilov-sergey-demo-apps.tk (http-01): urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up 
    A for www.products-catalog.nilov-sergey-demo-apps.tk 
    IMPORTANT NOTES: 
    - The following errors were reported by the server: 
    
    Domain: www.products-catalog.nilov-sergey-demo-apps.tk 
    Type: None 
    Detail: DNS problem: NXDOMAIN looking up A for 
    www.products-catalog.nilov-sergey-demo-apps.tk
    
    Code (markup):
    can reason of this error be in wrong IP in
    /etc/hosts or some other issue ?

    Thanks!
     
    mstdmstd, Dec 16, 2018 IP
    SEMrush
  2. RoseHosting

    RoseHosting Well-Known Member

    Messages:
    219
    Likes Received:
    11
    Best Answers:
    11
    Trophy Points:
    138
    #2
    You do not have DNS entry for
    www.products-catalog.nilov-sergey-demo-apps.tk
    Code (markup):
    (note www.). You should either point the www to the server IP or run the certbot command without
    -d www. products-catalog.nilov-sergey-demo-apps.tk
    Code (markup):
     
    RoseHosting, Dec 18, 2018 IP