Certbot (auto)renew failed with apache server on IPV6


I don’t think there’s a very easy way to set up Apache that produces this kind of effect unintentionally!


He has confirmed external access from hotspot so there must be an IPS/firewall/something else in the mix.


Yea, that is really strange, I used my mobile network provider D1 Telecom here in germany and it works for http://ce-stan.feste-ip.net/.well-known/acme-challenge/1234 but it is not working for http://office.feste-ip.net/.well-known/acme-challenge/1234 ??

Could you please retry for http://ce-stan.feste-ip.net/.well-known/acme-challenge/1234


It still doesn’t work for me.

Are you using HTTP or HTTPS?

I can access HTTPS. (Not those files, but the connection works.)

If your browsers have cached a redirect, or HSTS rules, you might not be using HTTP.


There was a typo in it please use:
instead of

I will double check and clear browser cache…



One of the files exists over HTTPS, then, but HTTP is still blocked.


Well yes, http is redirected to https, but I don’t get it why it is not reachable via: http://office.feste-ip.net/.well-known/acme-challenge/1234 from the outside world, connected to my LAN the link is working. Connecting from my mobile device it is not…


It seems like you or your ISP are blocking it with a firewall. Most likely.


--2019-01-14 23:07:10-- (try: 2) http://ce-stan.feste-ip.net/.well-known/acme-challenge/1234
Connecting to ce-stan.feste-ip.net (ce-stan.feste-ip.net)|2a02:908:8a3:1960:921b:eff:fe9f:a15f|:80... failed: Permission denied.

wget https://ce-stan.feste-ip.net/.well-known/acme-challenge/1234
--2019-01-14 23:07:50-- https://ce-stan.feste-ip.net/.well-known/acme-challenge/1234
Resolving ce-stan.feste-ip.net (ce-stan.feste-ip.net)... 2a02:908:8a3:1960:921b:eff:fe9f:a15f
Connecting to ce-stan.feste-ip.net (ce-stan.feste-ip.net)|2a02:908:8a3:1960:921b:eff:fe9f:a15f|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10
Saving to: ‘1234’


Sounds like it’s time to talk with your ISP/HSP about this.


Will do so, thanks for you excellent support…


@JuergenAuer You are in Germany right?

Can you please try to see if the site is accessible at your location?



Yes, but currently this doesn’t help. I can only use ipv4 - checks. Hope that may change, but now ipv6 does not work.


Hi all,

I double checked my router (Fritz Box) and firewall rules were showed correctly.
After a reboot of the router the renewal procedure went through.
Something must have been screwed up or stuck within the router.

Once more thanks all for your support and analysis, Stefan.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.