LetsEncrypt error - DNS

I have been trying to install LetsEncrypt on Ubuntu 20.04 running on a Virtual Machine I hosted on one of my personal laptops. However, I keep getting this error: [screenshot]

All of the relevant ports (80, 443 etc.) are open, and I am using the Virtual Machine’s private IP in the subdomain’s DNS (tried using the public IP but I get the same error; probably because I’ve got several devices on the network, sharing the public IP).

Can anyone let me know what I may be missing here?


There is a problem with your DNS A record.

I have an A record pointing the subdomain to the IP of the Virtual Machine. Is there anything extra that needs to be done on that front?

Is this a local IP or a public IP which is accessible from the Internet?

Tried with both the Private IP of the VM and then the Public IP (which is, by the way, shared by all the machines on the network). The error message above is what I get when I’m pointing the subdomain to the Private IP while this is the error I get when pointing to the Public IP: [screenshot]

What do you see when you try to open the link http://your-domain-fqdn/ ?

Don’t try with the IP, use the FQDN.

I can’t open this link.

Also, when I am installing Jitsi, I am inputting my FQDN and not the associated IP address.

So Let’s Encrypt cannot open it either. Therefore it cannot complete the process.

Check your DNS record with

apt-get install dnsutils

dig @ your-domain-fqdn

Okay, I fixed that. Now the subdomain is accessible and I can actually start a conference (just myself trying to launch Jitsi). However, the LetsEncrypt errors described above still persist.

The subdomain points to my Private IP.

An address in the public DNS has to be, well, public.
You’ll never get a certificate with Let’sEncrypt http verification using a private address.
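An added example, not part of the original thread: a Python check that classifies the addresses a hostname's A record points to, to show why HTTP verification cannot succeed against a private address. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample values: a typical home-LAN address, a typical
# VM NAT-mode guest address, and a well-known public address.
SAMPLE = ["192.168.1.10", "10.0.2.15", "8.8.8.8"]

def http01_reachability(a_records):
    """Classify each record value by whether a validation server
    connecting from the public Internet could route to it."""
    report = {}
    for value in a_records:
        ip = ipaddress.ip_address(value)
        if ip.is_loopback:
            verdict = "loopback"
        elif ip.is_link_local:
            verdict = "link-local"
        elif ip.is_private:
            verdict = "private"      # RFC 1918 and other reserved ranges
        elif not ip.is_global:
            verdict = "not-global"   # e.g. 100.64.0.0/10 carrier-grade NAT
        else:
            verdict = "public"
        report[value] = verdict
    return report

def can_validate(a_records):
    """True only if there is at least one record and all are public."""
    report = http01_reachability(a_records)
    return bool(report) and all(v == "public" for v in report.values())

if __name__ == "__main__":
    import socket
    import sys
    if len(sys.argv) > 1:
        # Resolve the FQDN given on the command line (needs network access).
        # The local resolver may answer from /etc/hosts or a LAN DNS server,
        # which can differ from what the public DNS returns.
        infos = socket.getaddrinfo(sys.argv[1], 80, proto=socket.IPPROTO_TCP)
        records = sorted({info[4][0] for info in infos})
    else:
        records = SAMPLE
    for addr, verdict in http01_reachability(records).items():
        print(f"{addr:40} {verdict}")
    print("HTTP validation possible:", can_validate(records))
```

A "public" verdict only means the address is routable; port 80 on that address must still be forwarded to the machine running the web server.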

Right. But when I set the subdomain to point to the Public IP of the VM, the subdomain becomes inaccessible. Not sure if that is caused by the fact I’ve got several devices under this network that share the same Public IP or if it is something else.

This case is normally handled by having a reverse proxy that differentiates between hosts by the SNI (Server Name Indication).
If your public IP address is, and you have 3 hosts, a web server, a mail server and a videoconferencing server, when your network is accessed on the reverse proxy accepts the connection and redirects
www.mydomain.com to
mail.mydomain.com to
meet.mydomain.com to

Excuse my ignorance, I am not an IT person (as if that hasn’t become apparent already).

So why could it be that when I set the subdomain to point at the Public IP, I still get this error message about the DNS A record not being right? Could this be caused by the settings for the Virtual Machine? Should I try installing LetsEncrypt when NAT is used or should I use the ‘Bridged’ connection option?

The error messages were not the same; when you used the public IP address you got ‘access denied’. Now I can’t speculate on what exactly has happened, but it was not immediately a DNS problem since the Let’sEncrypt tried to access something and did not get this access.