Certbot - DNS problem: NXDOMAIN looking up A for xxx - check that a DNS records exists for this

isebarn picture isebarn · Feb 7, 2020 · Viewed 14.7k times · Source

So I tried to run the following

sudo certbot certonly --nginx --dry-run -d subdomain.domain.com -d www.subdomain.domain.com

That gave me a DNS problem, however, it worked when running

sudo certbot certonly --nginx --dry-run -d subdomain.domain.com

Am I missing something in my DNS records?

I have sucessfully run

sudo certbot certonly --nginx --dry-run -d domain.com -d www.domain.com

Do I need to make a specific DNS record for the ´´www´´ part if I use subdomains?

Edit Result of running ´´dig subdomain.domain.com´´

; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> subdomain.domain.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45932
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;subdomain.domain.co.uk.           IN      A

;; ANSWER SECTION:
subdomain.domain.co.uk.    1800    IN      A       xxx.yyy.aa.dd

;; Query time: 88 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 07 11:24:26 UTC 2020
;; MSG SIZE  rcvd: 64

Answer

Create an type A entry with the host ´´www.subdomain´´ and you're good

Answer

arturomp picture arturomp · Jun 2, 2020

Adding proper answer from the question:

Create an type A entry with the host "www.subdomain" and you're good

I'd add to wait anywhere between 5 minutes to an hour for the record to take effect and for certbot to be able to see it, from my experience.