I got an email from LetsEncrypt, telling me that my SSL was about to expire. I was confident that the renewal bot would run successfully, however, when I checked my site, I was getting a Privacy Error.
I logged into the terminal and checked if I could manually run the renewal through sudo certbot renew --dry-run
But I got the following error:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/howdenaces.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.howdenaces.com
http-01 challenge for howdenaces.com
Waiting for verification...
Challenge failed for domain www.howdenaces.com
http-01 challenge for www.howdenaces.com
Cleaning up challenges
Attempting to renew cert (howdenaces.com) from /etc/letsencrypt/renewal/howdenaces.com.conf produced an unexpected error: Some challenges have failed.. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/howdenaces.com/fullchain.pem (failure)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/howdenaces.com/fullchain.pem (failure)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 renew failure(s), 0 parse failure(s)
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.howdenaces.com
Type: dns
Detail: DNS problem: SERVFAIL looking up A for www.howdenaces.com -
the domain's nameservers may be malfunctioning
I haven’t changed anything with my records with DigitalOcean, or with NameCheap.
My A Records are the following:
A www.howdenaces.com directs to 128.199.142.171 3600
A howdenaces.com directs to 128.199.142.171 3600
I’m not really sure what happened here.
Can anyone point out what I’m missing? It would greatly help. Thank you.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi @angelovillasant,
When I ping your domain - www.howdenaces.com or howdenaces.com it shows me 100 % packet loss
ping howdenaces.com
PING howdenaces.com (128.199.142.171) 56(84) bytes of data.
^C
--- howdenaces.com ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1010ms
This means that the droplet you have pointed your domain to is not actually online or at least it’s what it seems like Certbot. This is why Certbot is failing.
Regards, KFSys
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.