I am trying to get a new certificate for the domain perfectpace.com
with this command: letsencrypt certonly -d perfectpace.com --standalone
The error I get is:
Type: unauthorized
Detail: Invalid response from
http://perfectpace.com/.well-known/acme-challenge/jiFQgIH2xD8sFtZf073WbMx8E7fdDFCo3HyOYOMDnew:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>
I tried both the webserver that comes with letsencrypt and an Apache installation.
Running Ubuntu 16.04.
The weird part is that when I start the verification and curl perfectpace.com, I get the ACME client standalone challenge solver line.
If I run letsencrypt with the domain name leanfive.ddns.net, it works fine, which makes me think it is probably an issue with the DNS settings, but I can't figure out what it could be.
They both point to the same IPv4 address.
Does letsencrypt use IPv6?
Any dig expert out there who can spot the difference between perfectpace.com and leanfive.ddns.net?
Yes, Let's Encrypt uses IPv6. Indeed, it prefers IPv6 over IPv4, so as your domain perfectpace.com has an AAAA record, Let's Encrypt will try to validate the challenge by connecting to your IPv6 address.
Right now, port 80 on your IPv4 address is closed, maybe because you have nothing listening there or because you have some firewall rule blocking it:
$ curl -IkL4 http://perfectpace.com/.well-known/acme-challenge/jiFQgIH2xD8sFtZf073WbMx8E7fdDFCo3HyOYOMDnew
curl: (7) Failed to connect to perfectpace.com port 80: Connection refused
But port 80 is working on your IPv6 address:
$ curl -IkL6 http://perfectpace.com/.well-known/acme-challenge/jiFQgIH2xD8sFtZf073WbMx8E7fdDFCo3HyOYOMDnew
HTTP/1.1 404 Not Found
Date: Thu, 25 Jan 2018 08:35:45 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
As a quick fix, you could remove the AAAA record for your domain and give the standalone method another try.
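The two curl checks in the answer above can be run together for any hostname. The following is an added example, not part of the original thread: it resolves the A and AAAA records separately, requests the challenge path from each address with the real Host header, and flags the case where an AAAA record exists but the IPv6 endpoint does not serve the file. The function names and finding messages are made up for this sketch, and it assumes it is run while the ACME client is waiting so that the token is being served.

```python
import http.client
import socket
import sys

def resolve(host, family):
    """Return the sorted addresses `host` has in one family (A or AAAA)."""
    try:
        infos = socket.getaddrinfo(host, 80, family, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def probe(addr, host, path, timeout=5):
    """GET `path` from one address with the real Host header; return the
    HTTP status code, or the exception name if the request fails."""
    conn = http.client.HTTPConnection(addr, 80, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": host})
        return conn.getresponse().status
    except (OSError, http.client.HTTPException) as exc:
        return type(exc).__name__
    finally:
        conn.close()

def diagnose(v4, v6):
    """v4/v6 map address -> probe() result. Return findings as strings."""
    findings = []
    if v6:  # per the answer above, validation prefers IPv6 when AAAA exists
        findings.append("AAAA record present: validation will go to IPv6")
        bad = sorted(a for a, r in v6.items() if r != 200)
        if bad:
            findings.append("challenge not served over IPv6 at " + ", ".join(bad))
        if set(v4.values()) != set(v6.values()):
            findings.append("IPv4 and IPv6 answer differently: "
                            "AAAA may point at another host")
    elif not v4:
        findings.append("no A or AAAA record resolved")
    elif any(r != 200 for r in v4.values()):
        findings.append("challenge not served over IPv4")
    return findings

def check(host, path):
    v4 = {a: probe(a, host, path) for a in resolve(host, socket.AF_INET)}
    v6 = {a: probe(a, host, path) for a in resolve(host, socket.AF_INET6)}
    return v4, v6, diagnose(v4, v6)

if __name__ == "__main__":  # args: hostname, challenge path
    v4, v6, findings = check(sys.argv[1], sys.argv[2])
    print("IPv4:", v4, "IPv6:", v6, *findings, sep="\n")
```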