Let's encrypt can't verify xmpp-upload.domain - installation of certificate fails

Hi there

I’ve setup my YunoHost server yesterday for the first time. Now I’m not able to install the letsencrypt certificates: https://paste.yunohost.org/raw/iyateyuqik

The ports work as they should. I also set up the dns as recommended but I don’t have any IPv6 entries and the wildcard-A-entry was not permited by my dns-service. I’ve tested this with the self diagnosis tool.

My YunoHost server

Hardware: Raspberry PI 4 4GB
YunoHost version: 4.0.4
I have access to my server : Through SSH | through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Zblerg, not sure why this fails (the xmpp-upload part) if all the other stuff work …

Are you interested in the xmpp-upload feature ? Otherwise I guess a “simple” fix/workaround would be to not define / delete the DNS record for xmpp-upload, and yunohost will not attempt to integrate xmpp-upload inside the certificate … (Just be sure to wait ~1hour maybe after deleting the DNS record)

Thank you for your reply. It still fails, it still lists both domains:
Found domains: xmpp-upload.domain, domain
the dns setting of xmpp-upload are deleted.

Ah yes you also need to re-run the diagnosis for DNS records maybe … in the Diagnosis section of the webadmin (it should find a warning about the xmpp-upload record but you can safely click Ignore for it)

1 Like

Ok, this worked. Thank you.

@Aleks Hi I’m running into the same issue with the automatic domain (.nohost.me) so I don’t have any DNS access.

How should I fix this?

I think I have an idea why this issue appears …

Can you try to edit a dnsmasq conf file with

nano /etc/dnsmasq.d/yourdomain.nohost.me

(replacin yourdomain.nohost.me with … your domain…)

that will enter a command line text editor where you should see on the first line something like


With being your global IP

then let’s ~duplicate that line to have


Then save/exit with Ctrl+X, then run systemctl reload dnsmasq, and retry the certificate install

(Annnnd maybe you also need to do the same thing for the ipv6 address which is at the bottom of the file)

@steakscience : forget my previous post, this should be fixed in latest’s release 4.0.6

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.