Hi Guys,
I have a couple issues I’m trying to solve…
I have an MQTT service that requires TLS. The certbot certificate does work, but usually only after three or four tries.
The error I get is “some challenges failed”:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: xxxxxxx
Type: dns
Detail: no valid A records found for xxxxxx; no valid AAAA records found for xxxxxx
Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.
Some challenges have failed.
I have my own domain with a dedicated IPv4 and IPv6 IP.
The solution I came up with was to generate a cert using --staging and then once it works, remove the --staging flag and force a renew.
Is there something I can configure to get the certs to generate reliably?
My second question is, is there any way I can have the certs auto renew?
Thanks to all in advance.
Edit:
I have tried creating the certs in a release command as part of the deploy. But because the certs are unreliable I’m unable to use it in that manner.
Command to generate the certs:
certbot certonly \
  --standalone \
  --non-interactive \
  --agree-tos \
  --no-eff-email \
  --no-redirect \
  --email "…" \
  --domains "…"
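
The staging-first workaround described in the post, written as a bounded retry loop so that failed validations land on the staging endpoint and production is asked only once. This is an added example, not the poster's script: the function names and the CERTBOT, MAX_TRIES and RETRY_DELAY variables are assumptions of this sketch, and the certbot flags are the ones on the page plus --force-renewal.

```shell
# Added example: staging-first issuance with bounded retries.
# CERTBOT, MAX_TRIES and RETRY_DELAY are names made up for this sketch.
CERTBOT="${CERTBOT:-certbot}"
MAX_TRIES="${MAX_TRIES:-4}"
RETRY_DELAY="${RETRY_DELAY:-60}"

# run_certbot DOMAIN EMAIL [extra flags...]
# Same flags as the posted command, with any extra flags appended.
run_certbot() {
    rc_domain=$1; rc_email=$2; shift 2
    "$CERTBOT" certonly --standalone --non-interactive --agree-tos \
        --no-eff-email --no-redirect \
        --email "$rc_email" --domains "$rc_domain" "$@"
}

# issue_cert DOMAIN EMAIL
# Returns 0 when a production certificate was issued,
#         1 when staging never validated within MAX_TRIES,
#         2 when staging validated but the production request failed.
issue_cert() {
    domain=$1; email=$2; try=1
    while [ "$try" -le "$MAX_TRIES" ]; do
        if run_certbot "$domain" "$email" --staging; then
            # Staging passed: make a single production request and
            # replace the staging certificate that was just stored.
            if run_certbot "$domain" "$email" --force-renewal; then
                return 0
            fi
            return 2
        fi
        echo "staging attempt $try/$MAX_TRIES failed for $domain" >&2
        try=$((try + 1))
        if [ "$try" -le "$MAX_TRIES" ]; then
            sleep "$RETRY_DELAY"
        fi
    done
    return 1
}
```

A staging success does not carry over to production, which validates the domain again; return code 2 marks that case so a deploy step can tell it apart from a domain that never validated.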