My domain is: bizdin.kg
I ran this command: ./letsencrypt-auto
It produced this output: To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
My web server is (include version): Ubunut 18 + nginx+ gunicorn
My hosting provider, if applicable, is: linode
I can login to a root shell on my machine (yes or no, or I don’t know):yes
Hi @Eliotnand
there is a check of your domain, ~~ one hour old - https://check-your-website.server-daten.de/?q=bizdin.kg
You have ipv4- and ipv6 addresses:
| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| bizdin.kg | A | 172.104.136.252 | yes | 1 | 0 |
| A | 192.168.133.75 | yes | 1 | 0 | |
| AAAA | 2a01:7e01::f03c:91ff:fe14:8abf | yes | |||
| AAAA | 2a01:7e01::f03c:91ff:feb0:f43d | yes | |||
| AAAA | fe80::f03c:91ff:fe14:8abf | yes | |||
| www.bizdin.kg | A | 172.104.136.252 | yes | 1 | 0 |
| AAAA | 2a01:7e01::f03c:91ff:feb0:f43d | yes |
Some addresses are private, remove these.
| Y | bizdin.kg |
|---|---|
| 192.168.133.75 | |
| warning: Private ip address found: 192.168.0.0 to 192.168.255.255: Class C - 256 private net, every with 256 addresses | |
| Y | bizdin.kg |
| fe80::f03c:91ff:fe14:8abf | |
| warning: Private ip address found: fe80:0000:0000:0000:0000:0000:0000:0000 to fe80:ffff:ffff:ffff:ffff:ffff:ffff:ffff: Link-local address |
But critical: Your ipv6 has other answers:
Ipv4 is redirected, ipv6 doesn't answer or is blocked:
Letsencrypt prefers ipv6, so this is critical.
Update your configuration and recheck your domain.
@JuergenAuer, Thanks but I want to create HTTPS domain on other ip.
In new ip will be new version of site. ‘172.104.136.252’ will stay
Now it’s ~~ better. Your last check ( https://check-your-website.server-daten.de/?q=bizdin.kg ):
| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| • http://bizdin.kg/ | ||||
| 172.104.136.252 | 200 | 1.326 | H | |
| • http://bizdin.kg/ | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | 200 | 0.213 | H | |
| • http://www.bizdin.kg/ | ||||
| 172.104.136.252 | 200 | 0.146 | H | |
| • http://www.bizdin.kg/ | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | 200 | 0.200 | H | |
| • https://bizdin.kg/ | ||||
| 172.104.136.252 | -2 | 1.070 | V | |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 172.104.136.252:443 | ||||
| • https://bizdin.kg/ | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | -2 | 1.083 | V | |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it [2a01:7e01::f03c:91ff:feb0:f43d]:443 | ||||
| • https://www.bizdin.kg/ | ||||
| 172.104.136.252 | -2 | 1.064 | V | |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it 172.104.136.252:443 | ||||
| • https://www.bizdin.kg/ | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | -2 | 1.087 | V | |
| ConnectFailure - Unable to connect to the remote server No connection could be made because the target machine actively refused it [2a01:7e01::f03c:91ff:feb0:f43d]:443 | ||||
| • http://bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 172.104.136.252 | 301 | http://bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de/ | 0.053 | D |
| Visible Content: | ||||
| • http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 172.104.136.252 | 301 | http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de/ | 0.046 | D |
| Visible Content: | ||||
| • http://bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | 403 | 0.050 | M | |
| Forbidden | ||||
| Visible Content: 403 Forbidden nginx | ||||
| • http://bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de/ | 403 | 1.097 | M | |
| Forbidden | ||||
| Visible Content: 403 Forbidden nginx | ||||
| • http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de | ||||
| 2a01:7e01::f03c:91ff:feb0:f43d | 403 | 0.043 | M | |
| Forbidden | ||||
| Visible Content: 403 Forbidden nginx | ||||
| • http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de/ | 403 | 0.057 | M | |
| Forbidden | ||||
| Visible Content: 403 Forbidden nginx |
Your ipv6 + http + / works. Https doesn’t work, but that’s not critical.
But ipv4
• http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
is redirected to
• http://www.bizdin.kg/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de/
with a slash at the end. ipv6 + http has a http status 403.
That status is cricitcal. So check your directory permissions, add /.well-known/acme-challenge and change (chmod) 755.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.