I’ve been using the same command for months (or years?). When trying to renew this time, it gives an error on nearly all domains. Certbot tells me:
Failed authorization procedure. lucgommans.nl (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Could not connect to lucgommans.nl
It returned status code 200, so the validator connected and was able to retrieve the file.
A few days ago I heard something about an outage and wrote it off as being due to the outage. Now the renewal deadline is getting pressing. What could be going wrong here?
In summary, your domain has 2 IPs, one for IPv4 and one for IPv6. You are answering on the IPv4 address but not on the IPv6 address. In this situation Let’s Encrypt should fall back to IPv4.
$ curl -IkL4 lucgommans.nl
HTTP/1.1 200 OK
Date: Thu, 25 May 2017 12:46:10 GMT
Server: Apache
Content-Type: text/html
$ curl -IkL6 lucgommans.nl
curl: (7) Failed to connect to lucgommans.nl port 80: Permission denied
@cpu, could you please take a look at this issue?
@Luc, meanwhile you could remove the AAAA DNS record from your domain if you are not using it and check again to issue or renew your cert.
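A pre-flight check for the situation in this thread (an AAAA record is published but the server only answers on IPv4), added here as an example and not part of the original posts. It connects to port 80, the port http-01 uses, on every address the name resolves to and reports each one separately; the function names and the `example.com` default are assumptions.

```python
import socket
import sys

def resolve_all(host, port=80):
    """Return every unique (family, address) the name resolves to (A and AAAA)."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({(family, sockaddr[0]) for family, _, _, _, sockaddr in infos})

def probe(family, address, port=80, timeout=5.0):
    """Attempt one TCP connection; return (ok, detail)."""
    try:
        with socket.socket(family, socket.SOCK_STREAM) as sock:
            sock.settimeout(timeout)
            sock.connect((address, port))
        return True, "connected"
    except OSError as exc:  # refused, timed out, unreachable, family unsupported
        return False, str(exc) or type(exc).__name__

def check_endpoints(endpoints, port=80, timeout=5.0):
    """Probe each (family, address) pair separately so no fallback hides a dead one."""
    results = []
    for family, address in endpoints:
        ok, detail = probe(family, address, port, timeout)
        label = "IPv6" if family == socket.AF_INET6 else "IPv4"
        results.append({"family": label, "address": address, "ok": ok, "detail": detail})
    return results

def unreachable(results):
    """Addresses that are published in DNS but did not accept a connection."""
    return [r for r in results if not r["ok"]]

if __name__ == "__main__":
    # example.com is a placeholder default; pass the real domain as argv[1].
    host = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    results = check_endpoints(resolve_all(host))
    for r in results:
        print(f'{r["family"]:4} {r["address"]:40} {"OK" if r["ok"] else "FAIL"}  {r["detail"]}')
    sys.exit(1 if unreachable(results) else 0)
```

Run it from a machine that has working IPv6 connectivity itself; otherwise every AAAA address is reported as failing regardless of the server's state.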