I connected my subdomain from GoDaddy to DO droplet but it gives SSL error when I try to visit it

Question

I added an A record in Godaddy to point to my DO droplet that runs Strapi CMS and that works, but when I try to access api.milos-vujinic.dev I get Warning: Potential Security Risk Ahead.

Is there a way to mitigate this issue and enable SSL without transferring the domain management to DO?

Answer 1

alexdo February 26, 2021

Hello, @milos5593

Have you installed an SSL Certificate for the domain name on the server?

If not, you can follow our tutorial on How To Secure Nginx with Let’s Encrypt on Ubuntu 20.04:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04

Regards,
Alex

How To Secure Nginx with Let's Encrypt on Ubuntu 20.04

by Brian Boucheron

Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. In this tutorial, you will use Certbot to obtain a free SSL certificate for Nginx on Ubuntu 20.04, and set up your certificate to renew automatically.

Reply Report

milos5593 February 26, 2021

I get the following error when I try to issue the certificates with sudo certbot --nginx -d example.com -d www.example.com

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: api.milos-vujinic.dev
   Type:   connection
   Detail: Fetching
   http://178.128.156.109/.well-known/acme-challenge/dg5gmxdCKY9C_1XWXtQa6nsIgFIbGZSg5rVi0-wVUVs:
   Invalid host in redirect target "178.128.156.109". Only domain
   names are supported, not IP addresses

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
 - The following errors were reported by the server:

   Domain: www.api.milos-vujinic.dev
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for
   www.api.milos-vujinic.dev - check that a DNS record exists for this
   domain

Reply Report

alexdo March 2, 2021

Hello there,

Looking at the error message it seems like there is a redirect in place for the root domain name and the server can’t find an A record for the www version.

Keep in mind that if you’ve recently made any DNS changes this might take up to 24 hours in order to fully update. It mainly happens due to cache from the ISPs.

You can give it another try and let me know if the error message is still the same.

Regards,
Alex
Reply Report

Answer 2

milos5593 February 26, 2021

I get the following error when I try to issue the certificates with sudo certbot --nginx -d example.com -d www.example.com

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: api.milos-vujinic.dev
   Type:   connection
   Detail: Fetching
   http://178.128.156.109/.well-known/acme-challenge/dg5gmxdCKY9C_1XWXtQa6nsIgFIbGZSg5rVi0-wVUVs:
   Invalid host in redirect target "178.128.156.109". Only domain
   names are supported, not IP addresses

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.
 - The following errors were reported by the server:

   Domain: www.api.milos-vujinic.dev
   Type:   None
   Detail: DNS problem: NXDOMAIN looking up A for
   www.api.milos-vujinic.dev - check that a DNS record exists for this
   domain

Reply Report

alexdo March 2, 2021

Hello there,

Looking at the error message it seems like there is a redirect in place for the root domain name and the server can’t find an A record for the www version.

Keep in mind that if you’ve recently made any DNS changes this might take up to 24 hours in order to fully update. It mainly happens due to cache from the ISPs.

You can give it another try and let me know if the error message is still the same.

Regards,
Alex
Reply Report

Related

Question

I connected my subdomain from GoDaddy to DO droplet but it gives SSL error when I try to visit it

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

I connected my subdomain from GoDaddy to DO droplet but it gives SSL error when I try to visit it

Related

Leave a comment

Related

question

Serving two websites on one Nginx

question

Perfect way to install nginx with pagespeed on Ubuntu

question

I have a few question about moint configuration

question

my site i down please see http://www.cheri3a.com/

Looking for something else?