SSL activating in VPS Getting Error Below - ssl

I tried a website to activate an SSL in VPS I have many domain names but all are successfully active except one domain name freecodeing.com. I mention the error in the below IMPORTANT NOTES:
The following errors were reported by the server: Domain: freecodeing.com
Type: unauthorized
Detail: 82.180.162.33: Invalid response from
http://freecodeing.com/.well-known/acme-challenge/nX18j8YXwmGgeXnPuI-tugws3wfaRHPcFPq1CuCfq0M:
404 To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Please Solve the problem

Related

SSL Certificate on HSTS domains

I have a new domain in the .dev TLD, which is forced HSTS as far as I understood, so I can't access it through HTTP but HTTPS only.
Im trying to setup the SSL certificate like I did 100 times before using certbot on ubuntu/apache2.
Now my problem is that when the certbot tries to authenticate, it doesn't work because the acme-challenge tries to access the file in .well-known through HTTP, which doesn't work with HSTS domains.
How do you usually deal with that, I couldn't find anything useful so far.
Error message from certbot:
Failed authorization procedure. example.dev (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.dev/.well-known/acme-challenge/t6qvuntJAoDTAwoMnjQnA5R4vZ-IdWptb_yakexutp4 [2001:8d8:100f:f000::259]: 204
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: example.dev
Type: unauthorized
Detail: Invalid response from
http://example.dev/.well-known/acme-challenge/t6qvuntJAoDTAwoMnjQnA5R4vZ-IdWptb_yakexutp4
[2001:8d8:100f:f000::259]: 204
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

Authentication issue with Certbot (300 Multiple Choices) & Nginx & DNS

I've problems creating letsencrypt certs with the certbot.
Because I don't know where the problem is, I will just write everything down which can be the root cause:
I do have a domain and one subdomain. There is a Nginx which redirects the subdomain to the domain on a specific port.
Now I run the certbot for my domain without the subdomain at first.
sudo certbot --nginx -d domain.de -d www.domain.de
This leads to the following error:
Domain: domain.de Type: unauthorized Detail: Invalid
response from
http://domain.de/.well-known/acme-challenge/Y_Ka6V9JlHjBqjqanHLthoVL9F2yju_2TczRPwkBD0s:
"\n\n300 Multiple Choices\n\nMultiple C"
Domain: www.domain.de Type: unauthorized Detail: Invalid
response from
http://www.domain.de/.well-known/acme-challenge/Vf234FTDH7zH5TUBbBwVGfPVLK3m5rllc1s3Cu9KK3I:
"\n\n300 Multiple Choices\n\nMultiple C"
I couldn't find much except this thread. Letsencrypt Community
So I guess it is realted to my DNS Settings. I rent the domain via 1&1 and created a subdomain as well. Because I was playing around with Nginx redirects and the DNS settings, I configured the subdomain to have the same IPv4 & IPv6 as the domain. Could this be the problem or do I have to look somewhere else?
Best regards from Berlin!
I checked the IPv6 address with nslookup and this pointed to somewhere else. I do not understand how this can happen because I never touched the IPv6 (AAAA) record. I guess Certbot is checking A and AAAA and because they did not match the authentication failed.
I deleted the AAAA records for the domain and was able to get a cert without a problem.

Configuring domain and a server

So I have a domain
1. somedomain.com
2. server ipv4 address
On Google domains I have:
Name TYPE DATA
# A 11.85.258.61
Cloudflare:
TYPE Name Value
A pamperyouanywhereapi.com 11.85.258.61
CNAME www pamperyouanywhereapi.com
But I get the error below When I try to access my app:
This site can’t be reached
This is the correct setup. Make sure you wait out up to 48 hours when doing a new website.
Set up is correct. But I think my tomcat is blocking Cloudflare. I went through this article.
And the commands the author has provided in that article, they did not give me positive results.
Wrong article; but if I recall it was telnet your server's ip address.

DNS entry for third level domain

I am trying to create a third-level domain virtual host on my server. I hope the configs are set up correctly, but I am getting a ERR_NAME_NOT_RESOLVED error.
I have read that I have to "add DNS entry" somewhere so that the name would get resolved, but how do I do that? Where do I do that? The server is running on Ubuntu .
I suppose you get that ERR_NAME_NOT_RESOLVED error from Chrome. This means that Chrome is unable to find the subdomain in DNS.
You are correct, registering your subdomain in DNS will require DNS changes. Specifically, you have to add a DNS A resource record for your subdomain to become "visible" to browsers over IPv4. For IPv6, add an AAAA, too. Both record types point to an IP address and it will be the IP address of your web server. (Technically, you can also use a CNAME type record, but make sure to read up on how that works.)
Subdomain DNS will be served by the authoritative DNS servers for your domain, so you can register the required record(s) through your DNS service provider. If you are not sure who they are, look up the NS records for your domain, this will give you the list of authoritative name servers for your domain and you can work from there.
I understand you have already configured your Apache to work with the subdomain, so setting up DNS completes the setup process.

Using mod_rewrite to bypass an "invalid SSL cert" error

I have a certificate that is registered to the fully qualified domain name of a server on our intranet (webserver.domain.com). When our internal users hit this site via the fully qualified name, they go right in and aren't prompted that it's an invalid cert. If they browse to the web server via the hostname (non-fully qualified) they are redirected to the https version and no prompt is made there either. The part of my mod_rewrite that I'm missing is if someone connects to the web server via http's' with just the hostname. I can't seem to get that to rewrite to the FQDN. It doesn't rewrite and always prompts that the cert is invalid. Any help is appreciated. Thanks!
Here's an example of what I can't seem to match:
https://webserver/pubs/index.html
I need it to rewrite to:
https://webserver.domain.com/pubs/index.html
Unfortunately this isn't going to be possible - the prompt occurs when the connection is made, before mod_rewrite is involved.
If they OK the prompt, then you can rewrite to the FQDN.