Do you know where your DHCP server is? What are you plugging your Debian server’s network cable into? I understand that networking apparently worked while you were installing Debian, and it’s unclear why that would have changed, but if I were in your position the first things I would suspect would be something with the DHCP server itself (like it stopped running or ran out of addresses), or a lack of connectivity between the Debian server and the DHCP server.
In other words, I’d start troubleshooting with your network, but it’s hard to suggest specifics because we don’t know anything about your network. One simple thing to try might be to restart your router. For most home networks, that’s where the DHCP server will be, and it should start up on boot.
They’d need a certificate authority to issue the certificate, and the victim’s browser would have to trust that authority.
Edit: and the scammer would need to control the domain DNS server to use the subdomain, like another reply said, so the certificate alone wouldn’t help much.