If there is no app (or website or really anything that loads and returns HTTP 200) currently available at that domain then Let’s Encrypt won’t issue the certificate.
If you want to “hack” the certificate you could spin up a quick Apache server and use the standard html file it generates to get the certificate. But then you would need to remove Apache and ensure it isn’t stuck on port 80 or 443.
Have you been able to launch the app without SSL? Just to see if the domain is actually working
Here is a yml file of an app that is working currently.
origin: "https://my_domain.mn:443"
origin: "https://www.my_domain.mn:443"
http-redirect-port: 80
Note: I added the second origin just because it seemed like I should. I have no idea if this is doing anything and it’s there because I thought it would help Let’s Encrypt issue another certificate for the sub domain, which it didn’t seem to. I tried using two A records like in Ryans tutorial, but then SSL wasn’t working on www.
My DNS records are:
- A record for root (@) to the server IP
- CNAME from www to root
This isn’t the only way to do this, but it worked for me.