Certbot failed to authenticate some domains

Hi.

I ran 'certbot --apache' for ingo-preuss.de, which worked fine. Both Domains use the same IP. Certbot did work for 'ingo-preuss.de' but not for 'bbvd.info'.

While running 'sudo certbot --apache' for 'bbvd.info' I got the following error:

Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
Domain: bbvd.info
Type: unauthorized
Detail: Invalid response from http://bbvd.info/.well-known/acme-challenge/2CYWxT0dudgnOGPQEcHGFBQIj48P5D-XNwxEgNDsPgo [2001:8d8:100f:f000::2b2]: 204

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

My domain is: bbvd.info

I ran this command: sudo certbot --apache

It produced this (letsencryp.log) output:

2021-08-15 16:41:48,899:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2021-08-15 16:41:49,364:DEBUG:certbot._internal.main:certbot version: 1.18.0
2021-08-15 16:41:49,365:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/1343/bin/certbot
2021-08-15 16:41:49,365:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2021-08-15 16:41:49,365:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-08-15 16:41:49,380:DEBUG:certbot._internal.log:Root logging level set at 30
2021-08-15 16:41:49,381:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2021-08-15 16:41:49,446:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.41
2021-08-15 16:41:49,684:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Installer, Authenticator, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7eff0eb3ab50>
Prep: True
2021-08-15 16:41:49,685:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7eff0eb3ab50> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7eff0eb3ab50>
2021-08-15 16:41:49,685:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2021-08-15 16:41:49,695:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/162373170', new_authzr_uri=None, terms_of_service=None), 672e985188a682c5ec15e67b446c79f4, Meta(creation_dt=datetime.datetime(2021, 8, 15, 13, 2, 14, tzinfo=<UTC>), creation_host='localhost.localdomain', register_to_eff=None))>
2021-08-15 16:41:49,696:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-08-15 16:41:49,698:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2021-08-15 16:41:50,229:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-08-15 16:41:50,230:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 15 Aug 2021 14:41:50 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "DYgw8jq5WXg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-08-15 16:41:53,126:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for bbvd.info
2021-08-15 16:41:53,389:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): /etc/letsencrypt/keys/0005_key-certbot.pem
2021-08-15 16:41:53,392:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0005_csr-certbot.pem
2021-08-15 16:41:53,392:DEBUG:acme.client:Requesting fresh nonce
2021-08-15 16:41:53,392:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-08-15 16:41:53,526:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-08-15 16:41:53,527:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 15 Aug 2021 14:41:53 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102m6BEJz4Cq69KvB_IL_AFg1xzpYpoLSn6mCwtHnYW4kM
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2021-08-15 16:41:53,527:DEBUG:acme.client:Storing nonce: 0102m6BEJz4Cq69KvB_IL_AFg1xzpYpoLSn6mCwtHnYW4kM
2021-08-15 16:41:53,527:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "bbvd.info"\n    }\n  ]\n}'
2021-08-15 16:41:53,531:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYyMzczMTcwIiwgIm5vbmNlIjogIjAxMDJtNkJFSno0Q3E2OUt2Ql9JTF9BRmcxeHpwWXBvTFNuNm1Dd3RIbllXNGtNIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "XFNevG1rkLbY-FrPkSAWop6ul62V_nZIJrWseFbCotu3v6NAAhegIpnCodyUIqduZbyTBPR3rdUcRh_47JNcc5Ga_7p4ytYXdnSTGvwJciUKMcOXeHl7eZ4ZlEHt5kUUI137IaWzV_eLKFoAiXPu9U0cS-MWDkqJN59EttfkDOkKnIif5IXiiWV3wcZ2gYetBWZ_zIkTOWubPl8LKUm95TMn3fNcTHWp8A2jHlOo-tbEfhvLSDf27fGyz1PS75g6j81oURYGMuDKLOWQ-peaeSPKeN8yQHiDXz_fpwnWZEjlZfnFPJiwGUee5wLhUo17KJzgkfnMx8UlVvl_jiOcLg",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImJidmQuaW5mbyIKICAgIH0KICBdCn0"
}
2021-08-15 16:41:53,872:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 332
2021-08-15 16:41:53,873:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sun, 15 Aug 2021 14:41:53 GMT
Content-Type: application/json
Content-Length: 332
Connection: keep-alive
Boulder-Requester: 162373170
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/162373170/17095179240
Replay-Nonce: 0102Im_-s0TFIdTD7g6a-UDn-euZimCyUDw0E0otUjw_Vqw
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2021-08-22T14:41:53Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "bbvd.info"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/22074279610"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/162373170/17095179240"
}
2021-08-15 16:41:53,873:DEBUG:acme.client:Storing nonce: 0102Im_-s0TFIdTD7g6a-UDn-euZimCyUDw0E0otUjw_Vqw
2021-08-15 16:41:53,873:DEBUG:acme.client:JWS payload:
b''
2021-08-15 16:41:53,875:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/22074279610:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYyMzczMTcwIiwgIm5vbmNlIjogIjAxMDJJbV8tczBURklkVEQ3ZzZhLVVEbi1ldVppbUN5VUR3MEUwb3RVandfVnF3IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMjA3NDI3OTYxMCJ9",
  "signature": "nu07R3WlmCXXLJeJarsmQECtdB8CxipCli3GGA_QjMVhmXy3lM_uxjPxFGCyGHxASXZFlPbYtvFde2j_NNNKLK3hjktElfePsKfT-al7urjLt7o_2U9LS-Zna4xMiDL68d6WTeZZXoJR8OB8MrusK8kanctUdvkfpi0-9sORdA4ijnZubsPZDk6oicee_YpFZBsNtXdVIr6BsBGbt0890YROHfEF7Vaptv2bcPW9ZdTFibBM3XSN_O7v2H5UuM9GzA_p5-xhhuVu381Lug9kmMgWli2sbSoNEFyAwQwVGvn-SIk1ms1m_hq8tQihbyFA2BTKu9z_uQiU6cZi_qmDcQ",
  "payload": ""
}
2021-08-15 16:41:54,045:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/22074279610 HTTP/1.1" 200 790
2021-08-15 16:41:54,045:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 15 Aug 2021 14:41:53 GMT
Content-Type: application/json
Content-Length: 790
Connection: keep-alive
Boulder-Requester: 162373170
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0101gKED-L1Uu9gbyCHWJTEuS980nU9bpVpgS-Q5LQyreIg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "bbvd.info"
  },
  "status": "pending",
  "expires": "2021-08-22T14:41:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/p9W2hw",
      "token": "SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/JpGs5A",
      "token": "SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/goX_Bg",
      "token": "SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA"
    }
  ]
}
2021-08-15 16:41:54,046:DEBUG:acme.client:Storing nonce: 0101gKED-L1Uu9gbyCHWJTEuS980nU9bpVpgS-Q5LQyreIg
2021-08-15 16:41:54,046:INFO:certbot._internal.auth_handler:Performing the following challenges:
2021-08-15 16:41:54,046:INFO:certbot._internal.auth_handler:http-01 challenge for bbvd.info
2021-08-15 16:41:54,053:DEBUG:certbot_apache._internal.http_01:Adding a temporary challenge validation Include for name: bbvd.info in: /etc/apache2/sites-enabled/bbvd.info.conf
2021-08-15 16:41:54,054:DEBUG:certbot_apache._internal.http_01:writing a pre config file with text:
         RewriteEngine on
        RewriteRule ^/\.well-known/acme-challenge/([A-Za-z0-9-_=]+)$ /var/lib/letsencrypt/http_challenges/$1 [END]
    
2021-08-15 16:41:54,054:DEBUG:certbot_apache._internal.http_01:writing a post config file with text:
         <Directory /var/lib/letsencrypt/http_challenges>
            Require all granted
        </Directory>
        <Location /.well-known/acme-challenge>
            Require all granted
        </Location>
    
2021-08-15 16:41:54,074:DEBUG:certbot.reverter:Creating backup of /etc/apache2/sites-enabled/bbvd.info.conf
2021-08-15 16:41:57,201:DEBUG:acme.client:JWS payload:
b'{}'
2021-08-15 16:41:57,203:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/p9W2hw:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYyMzczMTcwIiwgIm5vbmNlIjogIjAxMDFnS0VELUwxVXU5Z2J5Q0hXSlRFdVM5ODBuVTlicFZwZ1MtUTVMUXlyZUlnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9jaGFsbC12My8yMjA3NDI3OTYxMC9wOVcyaHcifQ",
  "signature": "LLhqFG_hyaI2Zm2MyGWGRi1JvlQfbhrAr2usqvq5YappoePG1MlRiPXzipimHNXm2hFyNkNY1JaxjB_t3SZX68hRR88tyyHG2O1bY7Gzh3WEhRuQ20w-zStFGlMdKFcDAzvch-b4GAW3Zibja-HfEgLTuTfcKP72iPQiR0PPH1X9cgH-dmxPWeWGOc1no341dVN7_VrXkWBVAKEpsJShV7mXxUzek_or04ozRQ51-HMPjf9GGCe9Gb99DDeFK0EcBA8vbT5walaOn9J9GMCTbosyvbX_eaUAkATeJ0QKrgRnzAVcWws0IKCtfojHNAI34DJOiC5avtFhmyTmolq7pg",
  "payload": "e30"
}
2021-08-15 16:41:57,387:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/chall-v3/22074279610/p9W2hw HTTP/1.1" 200 186
2021-08-15 16:41:57,387:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 15 Aug 2021 14:41:57 GMT
Content-Type: application/json
Content-Length: 186
Connection: keep-alive
Boulder-Requester: 162373170
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://acme-v02.api.letsencrypt.org/acme/authz-v3/22074279610>;rel="up"
Location: https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/p9W2hw
Replay-Nonce: 01016BVgxDf69Yi8sOkWRdjpYLj_2HkBqN0gUyIRvN4Evto
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "type": "http-01",
  "status": "pending",
  "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/p9W2hw",
  "token": "SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA"
}
2021-08-15 16:41:57,388:DEBUG:acme.client:Storing nonce: 01016BVgxDf69Yi8sOkWRdjpYLj_2HkBqN0gUyIRvN4Evto
2021-08-15 16:41:57,388:INFO:certbot._internal.auth_handler:Waiting for verification...
2021-08-15 16:41:58,389:DEBUG:acme.client:JWS payload:
b''
2021-08-15 16:41:58,391:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/22074279610:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTYyMzczMTcwIiwgIm5vbmNlIjogIjAxMDE2QlZneERmNjlZaThzT2tXUmRqcFlMal8ySGtCcU4wZ1V5SVJ2TjRFdnRvIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yMjA3NDI3OTYxMCJ9",
  "signature": "KZjY2e7ILL8609cQSy4No6j8siT7o0TO836qok6isUVl8LAYvePJlBqUFgoGfun05jFDvya63Vlcd67JDR5MU0kFDRkZ6OGir79mEV1e4C_6X4e-icFik0zhR9OMn4ecnW1d_bl8zfwT1071x-rrmx0G88V63aOMsV2_HnNEXK7EfOPGxkgIjOHJxIDRbKXa8GjnhcO9yGkREEpgQCSMow2Ikc-6wpsCXtdiQX-GdpaaCa9D4EjDrRdEE5d0NATQWUj7ZUYIzDDSUhEV-JAaRRxEzpNehJyZzZL_81Oeg9HTyVqSUXOjiADRsFta8-CWz9fmMgnfnVV3EJ68u6Dn3Q",
  "payload": ""
}
2021-08-15 16:41:58,560:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/22074279610 HTTP/1.1" 200 1062
2021-08-15 16:41:58,561:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 15 Aug 2021 14:41:58 GMT
Content-Type: application/json
Content-Length: 1062
Connection: keep-alive
Boulder-Requester: 162373170
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0102NdiMro7hqOhLcCDfJKdak9Bjvqek6bOFNgDf2Rin7gI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "bbvd.info"
  },
  "status": "invalid",
  "expires": "2021-08-22T14:41:53Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "invalid",
      "error": {
        "type": "urn:ietf:params:acme:error:unauthorized",
        "detail": "Invalid response from http://bbvd.info/.well-known/acme-challenge/SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA [2001:8d8:100f:f000::2b2]: 204",
        "status": 403
      },
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/22074279610/p9W2hw",
      "token": "SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA",
      "validationRecord": [
        {
          "url": "http://bbvd.info/.well-known/acme-challenge/SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA",
          "hostname": "bbvd.info",
          "port": "80",
          "addressesResolved": [
            "82.165.61.68",
            "2001:8d8:100f:f000::2b2"
          ],
          "addressUsed": "2001:8d8:100f:f000::2b2"
        }
      ],
      "validated": "2021-08-15T14:41:57Z"
    }
  ]
}
2021-08-15 16:41:58,561:DEBUG:acme.client:Storing nonce: 0102NdiMro7hqOhLcCDfJKdak9Bjvqek6bOFNgDf2Rin7gI
2021-08-15 16:41:58,561:INFO:certbot._internal.auth_handler:Challenge failed for domain bbvd.info
2021-08-15 16:41:58,561:INFO:certbot._internal.auth_handler:http-01 challenge for bbvd.info
2021-08-15 16:41:58,562:DEBUG:certbot._internal.display.obj:Notifying user: 
Certbot failed to authenticate some domains (authenticator: apache). The Certificate Authority reported these problems:
  Domain: bbvd.info
  Type:   unauthorized
  Detail: Invalid response from http://bbvd.info/.well-known/acme-challenge/SVcILmr0FUFwTJdGP-s_cs1xtBIU1MRn_7xvN3ecWOA [2001:8d8:100f:f000::2b2]: 204

Hint: The Certificate Authority failed to verify the temporary Apache configuration changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

2021-08-15 16:41:58,563:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.

2021-08-15 16:41:58,563:DEBUG:certbot._internal.error_handler:Calling registered functions
2021-08-15 16:41:58,563:INFO:certbot._internal.auth_handler:Cleaning up challenges
2021-08-15 16:41:58,757:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/1343/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/main.py", line 1566, in main
    return config.func(config, plugins)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/main.py", line 1280, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/main.py", line 128, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/client.py", line 456, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/client.py", line 386, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 90, in handle_authorizations
    self._poll_authorizations(authzrs, max_retries, best_effort)
  File "/snap/certbot/1343/lib/python3.8/site-packages/certbot/_internal/auth_handler.py", line 178, in _poll_authorizations
    raise errors.AuthorizationError('Some challenges have failed.')
certbot.errors.AuthorizationError: Some challenges have failed.
2021-08-15 16:41:58,763:ERROR:certbot._internal.log:Some challenges have failed.

My web server is (include version): Apache/2.4.41 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is: 1und1

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Help would be great.

As you can see here in the error message:

..the Let's Encrypt validation server is connecting to an IPv6 address, but fails to retrieve the token on that server.

Also notice that the IPv4 and IPv6 addresses for bbvd.info return different content: the IPv4 address returns a 403 Forbidden error while the IPv6 address returns a HTML page which contains a "meta" redirect to the path /defaultsite.

Is the IPv6 address of bbvd.info correct?

1 Like

To visually expand on what @Osiris noticed:

Name:    ingo-preuss.de
Address: 82.165.61.68

Name:      bbvd.info
Addresses: 2001:8d8:100f:f000::2b2
           82.165.61.68

LE prefers IPv6 (over IPv4) when present.

If not, then remove the IPv6 address form that name.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.