Auto renewal in Plesk not working because of IPv6 config

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version): Intel® Xeon® CPU E3-1240 v5 @ 3.50GHz (8 core(s))

The operating system my web server runs on is (include version): Centos OS6

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Pleask 12.5.30

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Lets Encrypt auto renewal stopped working and I am getting Timed Out on manual renewals. Manual renewals work if I delete AAAA records in DNS but this is obviously a temporary workaround (we host over 100 domains). Command line tests like netstat indicate our shared IPv6 number is listening on port 80 but online tests like indicate “web server unreachable”. Plesk support website mentions problems with Lets Encrypt updater not switching to IPv4 when IPv6 is misconfigured. Does anyone have an easy solution to this problem ?

Hi @bekway

there are some checks of your domain and your ipv6 address -

You have two options:

  • remove the AAAA entry (not good) (or)
  • fix your ipv6 configuration, so the answer isn't a T = Timeout

ping [2a02:af8:6:900::1:5] doesn't answer.

Is it the correct address? Perhaps ask your hoster. Or is it a home server?

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.