I ran this command: sudo certbot --nginx -d tobiaskaufmann.at-d www.tobiaskaufmann.at
It produced this output:
Failed authorization procedure. www.tobiaskaufmann.at (http-01):
urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization ::
Invalid response from http://www.tobiaskaufmann.at/.well-known/acme-
challenge/a367FObbz0SqSu3S2im0uVkEtl6-URpUm2LZvGo-Sg0 [2a01:aee0:0:10::11]: "<!DOCTYPE
html>\r\n<html lang=\"de\">\r\n <head>\r\n <meta charset=\"utf-8\">\r\n
<title>easyname | Seite nicht gefunden</t"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.tobiaskaufmann.at
Type: unauthorized
Detail: Invalid response from
http://www.tobiaskaufmann.at/.well-known/acme-challenge/a367FObbz0SqSu3S2im0uVkEtl6-URpUm2LZvGo-Sg0
[2a01:aee0:0:10::11]: "<!DOCTYPE html>\r\n<html lang=\"de\">\r\n
<head>\r\n <meta charset=\"utf-8\">\r\n
<title>easyname | Seite nicht gefunden</t"
My web server is (include version): nginx/1.10.3
The operating system my web server runs on is (include version): debian 9
My hosting provider, if applicable, is: (self hosting on a vserver)
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0
The Let's Encrypt server is getting a returning a not found error from your server when trying to access a challenge verification file it needs to verify your domain:
The actual error code from your server is a 401 unauthorized, indicating that the Let's Encrypt server lacks permission to access the file.
Domain geparkt Diese Domain wird von easyname.com verwaltet. Solltest du der Inhaber dieser Domain sein, kannst du diese im easyname Controlpanel verwalten. Dies ist ein Service von easyname GmbH und wird im Auftrag des Domaininhabers betrieben.
Domain geparkt Diese Domain wird von easyname.com verwaltet. Solltest du der Inhaber dieser Domain sein, kannst du diese im easyname Controlpanel verwalten. Dies ist ein Service von easyname GmbH und wird im Auftrag des Domaininhabers betrieben.
Looks like you have configured ipv4 correct. But ipv6 doesn't work.
Checking your domain Letsencrypt prefers ipv6, that's visible in your error (the ipv6 address).
Ipv6 is the future, so it's excellent to have a working ipv6.
But:
The routing must be correct - 37.252.188.60 and 2a01:aee0:0:10::11 normally should be the same machine
your webserver must answer ipv6 - [::]:80 and [::]:443 etc.
PS: If a webserver has ipv4 and ipv6 and if the client connection / ISP supports ipv6, then the browser prefers iv6 to connect the website. No private ip addresses are required, enough ipv6. More speed.