"sudo bench setup lets-encrypt foo.bar" command getting error

I was trying to install an SSL certificate in my implementation. For that I ran sudo bench setup lets-encrypt foo.bar, but it is showing the error "Challenge failed for domain foo.bar".

I am attaching the error log here:

sudo bench setup lets-encrypt foo.bar
Running this will stop the nginx service temporarily causing your sites to go offline
Do you want to continue? [y/N]: y
INFO:bench.utils:sudo systemctl stop nginx
INFO:bench.utils:/opt/certbot-auto  --config /etc/letsencrypt/configs/foo.bar.cfg certonly
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for foo.bar
Waiting for verification...
Challenge failed for domain foo.bar
http-01 challenge for foo.bar
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: foo.bar
   Type:   dns
   Detail: No valid IP addresses found for foo.bar
INFO:bench.utils:sudo systemctl start nginx
There was a problem trying to setup SSL for your site

Please help me to solve this issue…
Thanks and Regards.

What happens if you try to resolve the foo.bar domain (e.g. dig foo.bar)? This has to be publicly possible…

@lasalesi I got this when I ran the dig foo.bar command:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> foo.bar
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59462
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;foo.bar.			IN	A

;; AUTHORITY SECTION:
foo.bar.		60	IN	SOA	ns0.centralnic-dns.com. hostmaster.centralnic-dns.com. 1418031892 10800 3600 604800 86400

;; Query time: 84 msec
;; SERVER: 172.31.0.2#53(172.31.0.2)
;; WHEN: Wed Sep 25 15:05:51 IST 2019
;; MSG SIZE  rcvd: 105

The ANSWER SECTION is missing… you have a server that is responsible, but is missing the required entry… make sure your DNS server resolves the domain.

You should get something like

; <<>> DiG 9.11.5-P1-1ubuntu2.5-Ubuntu <<>> discuss.erpnext.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45608
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;discuss.erpnext.com.           IN      A

;; ANSWER SECTION:
discuss.erpnext.com.    300     IN      A       178.62.129.225

;; Query time: 29 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mi Sep 25 12:10:42 CEST 2019
;; MSG SIZE  rcvd: 64

@lasalesi Can you please guide me to fix this issue, as I am stuck with my work now?

You have to make sure that there is a DNS name entry for foo.bar (can be A or CNAME) that points to either your IP or a linked hostname. This depends on your DNS server. In case you are running your own server and use bind9, you will need to have something like

foo.bar. IN      A       11.22.33.44

In case you have a hosting provider for the DNS server, they normally have a web portal to configure this. They might also offer direct support.

So the type of DNS server you use is essential to solving this…
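
As an added example (not part of the original thread or of bench itself): a small shell check that classifies `dig` output the way the replies above read it by hand, so the missing-record case is caught before `bench setup lets-encrypt` stops nginx. The function names, the `preflight` wrapper and the trimmed sample outputs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `dig` output before running `bench setup lets-encrypt`.

# Reads dig output on stdin and prints one verdict:
#   OK <addr>...  ANSWER section holds at least one A/AAAA record
#   NODATA        status NOERROR but no address record (the case in this thread)
#   NXDOMAIN      the name does not exist at all
#   ERROR <rcode> any other status (SERVFAIL, REFUSED, ...)
classify_dig() {
  awk '
    /->>HEADER<<-/ && match($0, /status: [A-Z]+/) {
      status = substr($0, RSTART + 8, RLENGTH - 8)
    }
    /^;; ANSWER SECTION:/ { in_answer = 1; next }
    /^;; / || /^$/        { in_answer = 0 }
    in_answer && ($4 == "A" || $4 == "AAAA") { addrs = addrs " " $5 }
    END {
      if (addrs != "")               print "OK" addrs
      else if (status == "NOERROR")  print "NODATA"
      else if (status == "NXDOMAIN") print "NXDOMAIN"
      else                           print "ERROR " status
    }'
}

# Hypothetical wrapper: returns non-zero unless the domain has an A record.
preflight() {
  verdict=$(dig "$1" A | classify_dig)
  case $verdict in
    OK*) echo "$1 resolves to:${verdict#OK}" ;;
    *)   echo "$1: $verdict, fix DNS before stopping nginx" >&2; return 1 ;;
  esac
}

# Constructed samples, trimmed from the two dig outputs quoted in the thread.
sample_nodata() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59462
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; AUTHORITY SECTION:
foo.bar.  60  IN  SOA  ns0.centralnic-dns.com. hostmaster.centralnic-dns.com. 1418031892 10800 3600 604800 86400
EOF
}
sample_ok() { cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45608
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
discuss.erpnext.com.    300     IN      A       178.62.129.225
EOF
}
```

Running `preflight foo.bar && sudo bench setup lets-encrypt foo.bar` only proceeds once the record exists; the check uses the local resolver, so a public resolver (for example `dig @1.1.1.1`) is the closer match to what the Let's Encrypt servers see.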