Doesn't work for localhost

Question

Doesn't work for localhost

laukstein opened this issue 8 years ago · comments

Binyamin Laukstein commented 8 years ago

On "Step 4: Verify Ownership"

Error: Domain challenge failed.
Please start back at Step 1.

{
  "type": "http-01",
  "status": "invalid",
  "error": {
    "type": "urn:acme:error:connection",
    "detail": "DNS problem: NXDOMAIN looking up A for localhost"
  },
  "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/eWE0XfjoV-k3svPLgT1anrvILA4lMJ81DuLlU13hAGA/15437867",
  "token": "0GqKsde7_VxV5LuvK3yZTmf2dyA0ZcrcXni3KI5whMw",
  "keyAuthorization": "0GqKsde7_VxV2LuvK3yZTmf2daA0ZcrcXni3KI6whMw.yLc6R0-fPTsTXQMzn6JWWUvsiWulYCbn1rdoMY2wdQU",
  "validationRecord": [{
    "url": "http://localhost/.well-known/acme-challenge/0GqKsde7_VxV1LuvK3yZTmf2dyA0ZcrcXni3KI5whMw",
    "hostname": "localhost",
    "port": "80",
    "addressesResolved": null,
    "addressUsed": ""
  }]
}

Licaon_Kter · Answer 1 · Wed Feb 10 2016 04:29:17 GMT+0800 (China Standard Time)

It should be an internet facing machine with a valid domain name, I'm not sure localhost qualifies for this.

rugk · Answer 2 · Mon Feb 15 2016 23:00:36 GMT+0800 (China Standard Time)

I think Let's Encrypt is a bit stubborn at issuing certs for localhost. They also don't do this for lololololollo.ololol and www.*. That's a pity!
Probably you should try whether 127.0.0.1 works.

Daniel Roesler · Answer 3 · Tue Feb 23 2016 05:38:21 GMT+0800 (China Standard Time)

Let's Encrypt looks up the MX record of the account domain before issuing. It doesn't email it (until you're cert is about to expire), but you still need to have the MX records in your DNS.