Question

I connected my subdomain from GoDaddy to DO droplet but it gives SSL error when I try to visit it

Posted February 25, 2021 171 views
NginxStrapi

I added an A record in Godaddy to point to my DO droplet that runs Strapi CMS and that works, but when I try to access api.milos-vujinic.dev I get Warning: Potential Security Risk Ahead.

Is there a way to mitigate this issue and enable SSL without transferring the domain management to DO?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hello, @milos5593

Have you installed an SSL Certificate for the domain name on the server?

If not, you can follow our tutorial on How To Secure Nginx with Let’s Encrypt on Ubuntu 20.04:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-20-04

Regards,
Alex

by Brian Boucheron
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, Certbot, that attempts to automate most (if not all) of the required steps. In this tutorial, you will use Certbot to obtain a free SSL certificate for Nginx on Ubuntu 20.04, and set up your certificate to renew automatically.
  • I get the following error when I try to issue the certificates with sudo certbot --nginx -d example.com -d www.example.com

    IMPORTANT NOTES:
     - The following errors were reported by the server:
    
       Domain: api.milos-vujinic.dev
       Type:   connection
       Detail: Fetching
       http://178.128.156.109/.well-known/acme-challenge/dg5gmxdCKY9C_1XWXtQa6nsIgFIbGZSg5rVi0-wVUVs:
       Invalid host in redirect target "178.128.156.109". Only domain
       names are supported, not IP addresses
    
       To fix these errors, please make sure that your domain name was
       entered correctly and the DNS A/AAAA record(s) for that domain
       contain(s) the right IP address. Additionally, please check that
       your computer has a publicly routable IP address and that no
       firewalls are preventing the server from communicating with the
       client. If you're using the webroot plugin, you should also verify
       that you are serving files from the webroot path you provided.
     - The following errors were reported by the server:
    
       Domain: www.api.milos-vujinic.dev
       Type:   None
       Detail: DNS problem: NXDOMAIN looking up A for
       www.api.milos-vujinic.dev - check that a DNS record exists for this
       domain
    
    • Hello there,

      Looking at the error message it seems like there is a redirect in place for the root domain name and the server can’t find an A record for the www version.

      Keep in mind that if you’ve recently made any DNS changes this might take up to 24 hours in order to fully update. It mainly happens due to cache from the ISPs.

      You can give it another try and let me know if the error message is still the same.

      Regards,
      Alex