Sandbox domain Certproblem

What type of hardware are you using: Old laptop or computer
What YunoHost version are you running: 12.0.9.2
What app is this about: Cryptpad

Describe your issue

I can’t get connect to Cryptpad other than frontpage. So i tried to renew the cert for Cryptpad domain and got an error.
Mail in /out is off and the crazy thing is, it worked a short while
thank you for help

Share relevant logs or error messages

https://paste.yunohost.org/raw/azujajupud

I had the same problem however if you go to admin> applications installed > cryptpad it’ll list some new steps which need to be follow. For me I had to create a new CNAME and then run the commands in the steps. After doing so everything worked as normal.

i have done these cname stuff already and it works a short while, in the new 2024.12 version.
here is my problem.

https://paste.yunohost.org/raw/azujajupud

I was getting the same error until I added the new cname. I think the only one, in your case, used to be sandbox-pad.domain.tld and the new one needs to be sandbox.pad.domain.tld. At least this is how it was for me. Can you double check?

as you can see in the pasted log, it is the right domain and it had worked for a short while

Sorry, with the next release, the old domain sandbox-cryptpad.domain.tld is no more used. But the correct « domain » for sandbox is sandbox.cryptpad.domain.tld.

There is no domain sandbox.cryptpad.domain.tld created, but a a CNAME must be added. And the certificate must be renew, but perhaps it needs wait a bit to have dns cache and propagation renewed before. I have get similar error trying renew the certificate, but after a while, I could renew it…

Also you can remove the old the domain sandbox-cryptpad.domain.tld no more necessary.

Have you do something ? Is it working this time ?

no, I am at a loss

You mean it have works a short time ?

Can you just retry the command yunohost domain dns cert install cryptpad.domain.tld --force ?

Ok I saw your problem…
I think you have not edit correctly the CNAME…
I see your domain name, so I can test the CNAME here https://mxtoolbox.com/ and it did not found it.

In this link, I could verify CNAME for example for my instance cryptpad.linux07.fr. I Choose CNAME Lookup in the orange button and put sandbox.cryptpad.linux07.fr and I see the entry.

Can you verify on your registar zone DNS if the entry is correct ? You will see it with
yunohost domain dns suggest pad.yourdomain.tld

I think for you it must be like
sandbox.pad.maindomain.tld 3600 IN CNAME pad.maindomain.tld.
! Don’t forget the . at the end of the domain

1 Like

Is it singular in your registar ? https://www.namecheap.com/support/knowledgebase/article.aspx/9646/2237/how-to-create-a-cname-record-for-your-domain/

this time i copied and paste the output from yunohost domain dns suggest pad.yourdomain.tld
same error

Oh ! sorry, but the first line is not good ! why pad is a CNAME ?

The site for cryptpad pad.yourdomain.tld must be a A entry (and AAAA if IPv6)
not yet

But there is a problem, your domain pad.domain.tld is a CNAME of domain.tld, it must be a A entry and AAAA as suggested in the dns suggest !

Remove the CNAME for pad and declare the domain with a A and AAA entry please…

grafik
this way? that is correct?

Just to help if someone have similar issue. In some registar the Typo can be different.
Here we found how resolve because to enter a CNAME the doc said

Please make sure that your domain name is not duplicated in the values (e.g., that you enter your subdomain just like mysubdomain and not like mysubdomain.domain.tld). If your domain is using Namecheap Basic nameservers or PremiumDNS, remove the “domain.tld” part of the provided Host value before adding it to the validation record for the domain.

So the entry was Host => sanbox.pad Value => pad.mydomain.tld

Take care that the entries could be different depending of the registar…

you have a typo in sanbox.
thank you again very much, great great support