Having problem while installing let’s encrypt (Challenge Failed error) on ubuntu

sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh

This script will:

  • Need a working DNS record pointing to this machine(for domain meet.elemental.com)
  • Download certbot-auto from https://dl.eff.org to /usr/local/sbin
  • Install additional dependencies in order to request Let’s Encrypt certificate
  • If running with jetty serving web content, will stop Jitsi Videobridge
  • Configure and reload nginx or apache2, whichever is used
  • Configure the coturn server to use Let’s Encrypt certificate and add required deploy hooks
  • Add command in weekly cron job to renew certificates regularly

You need to agree to the ACME server’s Subscriber Agreement (https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf)
by providing an email address for important account notifications
Enter your email and press [ENTER]: decimal111ELASHRY@gmail.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for meet.elemental.com
Using the webroot path /usr/share/jitsi-meet for all unmatched domains.
Waiting for verification…
Challenge failed for domain meet.elemental.com
http-01 challenge for meet.elemental.com
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: meet.elemental.com
    Type: dns
    Detail: DNS problem: NXDOMAIN looking up A for meet.elemental.com -
    check that a DNS record exists for this domain; DNS problem:
    NXDOMAIN looking up AAAA for meet.elemental.com - check that a DNS
    record exists for this domain

I get this error when run the Encrypt Certificates command

Do you have working A record for that domain? It won’t work otherwise.

yes i map this domain name for our server IP address and I can access it and create meeting

how to check it please ?

The domain name has to be publicly resolvable to your server IP so that LetsEncrypt can validate that you own that domain and it points to the right host.

You can try looking up your domain using online tools like Dig (DNS lookup) or ICANN Lookup

I guess, i also could be issue of firewall or inbound security rules ,
set port 80 as HTTP, 443 as HTTPS etc correctly should be open to public , so your lets encrypt can read your hosting content to install certificate.