Dear Let’s Encrypt community,
on a server that I administer, I got the problem as in the title. IPv4, the IPv6 is not working on that machine.
Seems that on that domain (acme-v01.api.letsencrytp.org) , the certificate is wrong.
curl -vvI https://acme-v01.api.letsencrypt.org
- Rebuilt URL to: https://acme-v01.api.letsencrypt.org/
- Hostname was NOT found in DNS cache
- Trying 104.108.34.195…
- Connected to acme-v01.api.letsencrypt.org (104.108.34.195) port 443 (#0)
- successfully set certificate verify locations:
- CAfile: none
CApath: /etc/ssl/certs- SSLv3, TLS handshake, Client hello (1):
- SSLv3, TLS handshake, Server hello (2):
- SSLv3, TLS handshake, CERT (11):
- SSLv3, TLS handshake, Server key exchange (12):
- SSLv3, TLS handshake, Server finished (14):
- SSLv3, TLS handshake, Client key exchange (16):
- SSLv3, TLS change cipher, Client hello (1):
- SSLv3, TLS handshake, Finished (20):
- SSLv3, TLS change cipher, Client hello (1):
- SSLv3, TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- Server certificate:
subject: CN=ii.worldmarket.comstart date: 2018-03-10 19:05:00 GMTexpire date: 2018-06-08 19:05:00 GMTsubjectAltName does not match acme-v01.api.letsencrypt.org- SSL: no alternative certificate subject name matches target host name ‘acme-v01.api.letsencrypt.org’
- Closing connection 0
- SSLv3, TLS alert, Client hello (1):
curl: (51) SSL: no alternative certificate subject name matches target host name ‘acme-v01.api.letsencrypt.org’
No problem on my local PC or on other servers. That server is an updated Jessie Debian. The DNSs are from Google.
Thanks.