Certbot certificate failed

My domain is:
http://mydigitaltrader.com/
I ran this command:
sudo certbot certonly --webroot -w /var/www/html -d mydigitaltrader.com

It produced this output:

Certbot failed to authenticate some domains (authenticator: webroot). The Certificate Authority reported these problems:
Domain: mydigitaltrader.com
Type: unauthorized
Detail: 2a02:4780:b:1235:0:daf:7bb7:2: Invalid response from http://mydigitaltrader.com/.well-known/acme-challenge/_PtEMC5OrC-dZfrm5SzIYDQbmFuYfMMCt-5DyS9gp5g: 404

Hint: The Certificate Authority failed to download the temporary challenge files created by Certbot. Ensure that the listed domains serve their content from the provided --webroot-path/-w and that files created there can be downloaded from the internet.

My web server is (include version):
hostinger vps

The operating system my web server runs on is (include version):
Ubuntu 22.04 64bit with HestiaCP

My hosting provider, if applicable, is:
Hostinger vps

I can login to a root shell on my machine (yes or no, or I don't know):
Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

certbot 1.21.0

You have both an IPv4 and IPv6 address in your DNS but they point to different servers. One points to a LiteSpeed server and the other is nginx.

I was just stopping for the night but review the Let's Debug test results. You at least need to have both those IP addresses point to the same place. Rerun Let's Debug test after making changes and check results.

4 Likes

Thanks a lot, I have resolved it.

2 Likes

You made progress but your IPv6 is not working.

I can see you got a new cert and requests using IPv4 on HTTP and HTTPS work correctly.

But, anyone trying IPv6 to reach you will time out. Your DNS AAAA record should point directly to the same nginx server as your A record. If you don't have IPv6 support you should remove the AAAA record.

This is not unique to Let's Encrypt. This is anyone trying to use IPv6. See this example of me trying to reach your home page from my own test server.

* IPv4 works correctly
curl -i4 -m5 https://mydigitaltrader.com
HTTP/2 200
server: nginx

<h1>From a vps server </h1>
<h3>Just go to understand hostinger vps </h3>

* IPv6 does not
curl -i6 -m5 https://mydigitaltrader.com
curl: (28) Failed to connect to mydigitaltrader.com port 443 after 2501 ms: Connection timed out

2 Likes
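
An added example, not part of any post in this thread: a pre-flight check that writes a test file where `certbot --webroot` would put its challenge and fetches it over IPv4 and IPv6 separately, covering both failures seen above (another server answering 404 on the AAAA address, and the IPv6 timeout). The function names `classify`, `verdict` and `probe`, the script name and the token file name are hypothetical; the domain and webroot are passed as arguments.

```shell
#!/usr/bin/env bash
# Added example: check that the A and AAAA addresses both serve the certbot
# webroot before requesting a certificate. All function names are hypothetical.

# Interpret one probe. $1 = curl exit code, $2 = body received, $3 = expected token
classify() {
  case "$1" in
    0)  if [ "$2" = "$3" ]; then echo ok; else echo wrong-content; fi ;;
    22) echo http-error ;;   # curl -f: server answered with HTTP >= 400 (e.g. 404)
    28) echo timeout ;;      # nothing answered on that address within -m seconds
    *)  echo error ;;        # DNS failure, connection refused, ...
  esac
}

# Combine the IPv4 result ($1) and IPv6 result ($2). Returns 0 only if both are ok.
verdict() {
  case "$1/$2" in
    ok/ok) echo "PASS: A and AAAA both serve the webroot"; return 0 ;;
    ok/*)  echo "FAIL: IPv6 is $2; fix or remove the AAAA record"; return 1 ;;
    */ok)  echo "FAIL: IPv4 is $1; fix the A record"; return 1 ;;
    *)     echo "FAIL: IPv4 is $1, IPv6 is $2; check the webroot path"; return 1 ;;
  esac
}

# Live check. $1 = domain, $2 = webroot (the value given to certbot -w)
probe() {
  local domain=$1 dir=$2/.well-known/acme-challenge token body r4 r6
  token="preflight-$$-$(date +%s)"
  mkdir -p "$dir"
  printf '%s' "$token" > "$dir/$token"
  body=$(curl -4 -sf -m5 "http://$domain/.well-known/acme-challenge/$token")
  r4=$(classify "$?" "$body" "$token")
  body=$(curl -6 -sf -m5 "http://$domain/.well-known/acme-challenge/$token")
  r6=$(classify "$?" "$body" "$token")
  rm -f "$dir/$token"
  verdict "$r4" "$r6"
}

# Runs only when called with two arguments, e.g.:
#   sudo ./preflight.sh mydigitaltrader.com /var/www/html
if [ "$#" -eq 2 ]; then probe "$1" "$2"; fi
```

Run it on the web server itself, since it has to write into the webroot; a FAIL on the IPv6 side corresponds to the AAAA advice given in the replies above.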
