Blocked? Curl returned with 35! Same problem

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: create LE certificate from Bitrix

It produced this output:

"non-zero return code", "rc": 1, "start": "2023-01-25 14:33:52.234902", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}fatal: []: FAILED! => {"changed": true, "cmd": "/home/bitrix/dehydrated/dehydrated -c --force > /home/bitrix/dehydrated_update.log 2>&1", "delta": "0:00:33.402226", "end": "2023-01-25 14:34:25.637128", "msg": "non-zero return code", "rc": 1, "start": "2023-01-25 14:33:52.234902", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}

My web server is (include version): Bitrix Env (Apache+Ansible)

The operating system my web server runs on is (include version): Centos 7

My hosting provider, if applicable, is: Selectel

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Bitrix Env

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): dehydrated

[root@da2171 ~]# traceroute
traceroute to (, 30 hops max, 60 byte packets
 1 (  0.852 ms  0.797 ms  0.744 ms
 2 (  0.992 ms (  0.516 ms  0.718 ms
 3 (  2.873 ms  2.857 ms  3.059 ms
 4  * * *
 5  * * *
29  * * *
30  * * *

Hi @Egor, and welcome to the LE community forum :slight_smile:

What's that about?

traceroute -T -p 443
curl -4Ii

[root@da2171 ~]# traceroute -T -p 443
traceroute to (, 30 hops max, 60 byte packets
 1 (  0.709 ms  0.653 ms  0.843 ms
 2 (  0.580 ms  0.581 ms  0.756 ms
 3 (  3.580 ms  3.578 ms  3.793 ms
 4  * * *
 5  * * (  43.883 ms
 6 (  46.363 ms  45.919 ms (  38.134 ms
 7 (  35.172 ms  38.235 ms  35.082 ms
[root@da2171 ~]# curl -4Ii
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 11:02:46 GMT
Content-Type: text/html
Content-Length: 1540
Last-Modified: Thu, 23 Jun 2022 21:25:45 GMT
Connection: keep-alive
ETag: "62b4da59-604"
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

1 Like

Well, that answers your blocked question.
Your IP is not being blocked.

What does this name (below) have to with your domain?


Let's Debug for the HTTP-01 Challenge is showing AAAANotWorking ERROR and IssueFromLetsEncrypt ERROR has an AAAA (IPv6) record (2a03:6f01:1:7f99::2) but a test request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address. You should either ensure that validation requests to this domain succeed over IPv6, or remove its AAAA record.
A test authorization for to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued. 

This online tool results for A and AAAA records; both exist.

Best Practice - Keep Port 80 Open


No, its gateway of my VDS

My domain is

my ip is:

I don't understand why it shows up in the error message.


I decided to delete the AAAA record. I'll take a look. will it help...

I would say YES!
There was a certificate issued on 2023-01-27, list of issued certificates |
Let's Debug is returning OK for the HTTP-01 Challenge
SSL Server Test: (Powered by Qualys SSL Labs) is showing an A with the certificate issued on 2023-01-27.


I decided to delete the AAAA record.
and will it help!
THX for all


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.