Doesn't work for localhost
laukstein opened this issue · comments
Binyamin Laukstein commented
On "Step 4: Verify Ownership"
Error: Domain challenge failed.
Please start back at Step 1.
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:connection",
"detail": "DNS problem: NXDOMAIN looking up A for localhost"
},
"uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/eWE0XfjoV-k3svPLgT1anrvILA4lMJ81DuLlU13hAGA/15437867",
"token": "0GqKsde7_VxV5LuvK3yZTmf2dyA0ZcrcXni3KI5whMw",
"keyAuthorization": "0GqKsde7_VxV2LuvK3yZTmf2daA0ZcrcXni3KI6whMw.yLc6R0-fPTsTXQMzn6JWWUvsiWulYCbn1rdoMY2wdQU",
"validationRecord": [{
"url": "http://localhost/.well-known/acme-challenge/0GqKsde7_VxV1LuvK3yZTmf2dyA0ZcrcXni3KI5whMw",
"hostname": "localhost",
"port": "80",
"addressesResolved": null,
"addressUsed": ""
}]
}
Licaon_Kter commented
It should be an internet facing machine with a valid domain name, I'm not sure localhost
qualifies for this.
rugk commented
I think Let's Encrypt is a bit stubborn at issuing certs for localhost. They also don't do this for lololololollo.ololol and www.*. That's a pity!
Probably you should try whether 127.0.0.1
works.
Daniel Roesler commented
Let's Encrypt looks up the MX record of the account domain before issuing. It doesn't email it (until you're cert is about to expire), but you still need to have the MX records in your DNS.