19

So I tried to run the following

```
sudo certbot certonly --nginx --dry-run -d subdomain.domain.com -d www.subdomain.domain.com
```

That gave me a DNS problem; however, it worked when running

```
sudo certbot certonly --nginx --dry-run -d subdomain.domain.com
```

Am I missing something in my DNS records?

I have successfully run

```
sudo certbot certonly --nginx --dry-run -d domain.com -d www.domain.com
```

Do I need to make a specific DNS record for the `www` part if I use subdomains?

Edit: Result of running `dig subdomain.domain.com`

```
; <<>> DiG 9.11.5-P4-5.1ubuntu2.1-Ubuntu <<>> subdomain.domain.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45932
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;subdomain.domain.co.uk.           IN      A

;; ANSWER SECTION:
subdomain.domain.co.uk.    1800    IN      A       xxx.yyy.aa.dd

;; Query time: 88 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Fri Feb 07 11:24:26 UTC 2020
;; MSG SIZE  rcvd: 64
```
gre_gor
isebarn
  • "Do I need to make a specific DNS record for the `www` part if I use subdomains?" Yes! You'll need a `CNAME` record for the `www` domain. Please show results of a `dig subdomain.domain.com` command! – 0stone0 Feb 07 '20 at 11:16
  • I posted that right now – isebarn Feb 07 '20 at 11:26
  • No problem! It worked? I guess you should add a `CNAME DNS`; `www.subdomain CNAME @` – 0stone0 Feb 07 '20 at 11:30
  • I had the same issue with nginx and certbot. I added a CNAME record in AWS Route53 for the subdomain www and pointed it to the domain. Ex: if the domain is abc.com, then create a CNAME record with name www and value abc.com. After that, certbot generated the certificate. – Smith Mar 30 '23 at 16:50

4 Answers

22

Adding proper answer from the question:

Create a type A entry with the host "www.subdomain" and you're good

I'd add to wait anywhere between 5 minutes to an hour for the record to take effect and for certbot to be able to see it, from my experience.

arturomp
  • Where applicable, instead of an `A` DNS record, a `CNAME` DNS record can also resolve the issue. – Abdull Nov 16 '22 at 19:22
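
The check the answers above describe (every name passed with `-d` needs its own `A` or `CNAME` record before certbot can validate it) can be run before calling certbot. This is an added example, not code from any of the posts; the function names `resolve_name`, `certbot_names` and `unresolved_names` are hypothetical, and it assumes `dig` is installed.

```shell
#!/bin/sh
# Pre-flight check: every name given to certbot with -d must have an address
# record before validation can succeed. Function names are hypothetical.

# Print the A/AAAA addresses for one name, following CNAMEs. dig +short also
# prints CNAME targets (ending in ".") and ";;" error lines; drop both.
resolve_name() {
    { dig +short "$1" A; dig +short "$1" AAAA; } 2>/dev/null | grep -Ev '\.$|^;'
}

# Print the values that follow each -d in a certbot argument list, one per
# line. A comma-separated value is split into separate names.
certbot_names() {
    while [ "$#" -gt 0 ]; do
        if [ "$1" = "-d" ] && [ "$#" -ge 2 ]; then
            printf '%s\n' "$2" | tr ',' '\n'
            shift
        fi
        shift
    done
}

# Print each name that has no address record; return 1 if any name is missing.
unresolved_names() {
    missing=0
    for name in "$@"; do
        if [ -z "$(resolve_name "$name")" ]; then
            printf '%s\n' "$name"
            missing=1
        fi
    done
    return "$missing"
}

# Usage: sh preflight.sh certonly --nginx --dry-run -d NAME [-d NAME ...]
if [ "$#" -gt 0 ]; then
    # Word splitting is intended here: one hostname per line.
    if bad=$(unresolved_names $(certbot_names "$@")); then
        echo "all names resolve; run: sudo certbot $*"
    else
        echo "no A/AAAA answer yet for:" >&2
        echo "$bad" >&2
        exit 1
    fi
fi
```

The lookup goes through the local resolver, so a freshly created record can show up here at a different time than it does for the certificate authority's resolvers.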
11

In my case I didn't add www to my domain. Add an A record pointing to the server:

www.mydomain.com

Altogether you need only two A records in the domain pointing to your server IP, with and without www

mydomain.com

Hope this helps !!!


Akitha_MJ
9

If you are using a subdomain, then for the subdomain you don't need www.

The modified command is as follows: `sudo certbot certonly --nginx --dry-run -d subdomain.com -d www.subdomain.com`

Abdulmoiz Ahmer
-1

I forgot to add the www A record in my GoDaddy DNS settings. You may try this one; hope for the best...