Challenge failed

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://www.xplosivwholesale.com.au/

I ran this command: ./certbot-auto certonly --webroot -w /home/all/xplosivw/webapps/ROOT/ -d www.xplosivwholesale.com.au -d xplosivwholesale.com.au

It produced this output:
Challenge failed for domain www.xplosivwholesale.com.au
Challenge failed for domain xplosivwholesale.com.au
http-01 challenge for www.xplosivwholesale.com.au
http-01 challenge for xplosivwholesale.com.au
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

My web server is (include version):
NAME=openSUSE
VERSION="13.1 (Bottle)"
VERSION_ID="13.1"
PRETTY_NAME="openSUSE 13.1 (Bottle) (x86_64)"
ID=opensuse
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:opensuse:13.1"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://opensuse.org/"
ID_LIKE="suse"

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: NA

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot-auto 0.40.1

We have multiple websites running off the same Apache, all using certbot. Normally these renew fine, but this time we’re getting the above error.

Hi @ljordan67

Checking your domain, you see the problem - https://check-your-website.server-daten.de/?q=xplosivwholesale.com.au

You have ipv4 and ipv6 - that's good.

| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| xplosivwholesale.com.au | A | 119.9.12.144 Sydney/New South Wales/Australia (AU) - Rackspace.com Hong Kong Limited, No Hostname found | yes | 2 | 0 |
| | AAAA | 2404:8280:a222:bbbb:bba1:24:ffff:ffff Mascot/New South Wales/Australia (AU) - Dreamscape Networks Limited | yes | | |
| www.xplosivwholesale.com.au | C | xplosivwholesale.com.au | yes | 1 | 0 |
| | A | 119.9.12.144 Sydney/New South Wales/Australia (AU) - Rackspace.com Hong Kong Limited, No Hostname found | yes | | |
| | AAAA | 2404:8280:a222:bbbb:bba1:24:ffff:ffff Mascot/New South Wales/Australia (AU) - Dreamscape Networks Limited | yes | | |

But your ipv6 doesn't work, only ConnectFailures:

| Domainname | Http-Status | redirect | Sec. | G |
|---|---|---|---|---|
| http://xplosivwholesale.com.au/ 119.9.12.144 | 301 | https://www.xplosivwholesale.com.au/ Html is minified: 100,00 % | 0.650 | E |
| http://www.xplosivwholesale.com.au/ 119.9.12.144 | 301 | https://www.xplosivwholesale.com.au/ Html is minified: 100,00 % | 0.656 | A |
| http://xplosivwholesale.com.au/ 2404:8280:a222:bbbb:bba1:24:ffff:ffff | -2 | | 7.094 | V |
| ConnectFailure - Unable to connect to the remote server | | | | |
| http://www.xplosivwholesale.com.au/ 2404:8280:a222:bbbb:bba1:24:ffff:ffff | -2 | | 7.093 | V |
| ConnectFailure - Unable to connect to the remote server | | | | |

That's critical because Letsencrypt prefers ipv6 checking your domain.

So you have two options:

  • Remove the ipv6, create a certificate, fix your ipv6 (or, better)
  • fix your ipv6 directly.

These other domains may not have an ipv6 address.

You can check your ipv6 directly - without having an AAAA record.

Thanks for the info, that is very useful. I’ll investigate the ipv6 address and see what we can do.

You can check the ipv6 directly - https://check-your-website.server-daten.de/?q=[2404%3A8280%3Aa222%3Abbbb%3Abba1%3A24%3Affff%3Affff]

Domainname Http-Status redirect Sec. G
• http://[2404:8280:a222:bbbb:bba1:0024:ffff:ffff]/ 2404:8280:a222:bbbb:bba1:24:ffff:ffff -2 7.100 V
ConnectFailure - Unable to connect to the remote server
• https://[2404:8280:a222:bbbb:bba1:0024:ffff:ffff]/ 2404:8280:a222:bbbb:bba1:24:ffff:ffff No GZip used - 3299 / 8159 - 40,43 % possible
Inline-JavaScript (∑/total): 2/494 Inline-CSS (∑/total): 1/153 200 Html is minified: 138,62 % 8.360 N
Certificate error: RemoteCertificateNameMismatch
• http://[2404:8280:a222:bbbb:bba1:0024:ffff:ffff]/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2404:8280:a222:bbbb:bba1:24:ffff:ffff -2 7.080 V
ConnectFailure - Unable to connect to the remote server
Visible Content:

Then a lot of checks are skipped.

Your ipv6 + https works, but your ipv6 + http does not. Ipv6 + http is required, so Letsencrypt can check your domain.

PS: So compare your http and https vHost definitions to see why ipv6 + http doesn't answer.

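The check described in the replies above can be run locally before requesting a certificate. The following is an added example, not part of the original thread and not Certbot or Let's Encrypt code: it connects to port 80 on every A and AAAA address of a host and reports the dead AAAA addresses that, per the reply above, make http-01 validation fail. The function names `probe_port80` and `http01_blockers` are hypothetical.

```python
import socket
import sys


def probe_port80(host, resolve=socket.getaddrinfo,
                 connect=socket.create_connection, timeout=7):
    """TCP-connect to port 80 on each A/AAAA address of `host`.

    Returns a list of (record_type, address, error); error is None when
    the connection succeeded. `resolve` and `connect` are injectable so
    the logic can be exercised without network access.
    """
    results, seen = [], set()
    for family, _type, _proto, _name, sockaddr in resolve(
            host, 80, type=socket.SOCK_STREAM):
        if family not in (socket.AF_INET, socket.AF_INET6):
            continue
        addr = sockaddr[0]
        if addr in seen:          # getaddrinfo may repeat an address
            continue
        seen.add(addr)
        record = "AAAA" if family == socket.AF_INET6 else "A"
        try:
            # Connect to the literal address so each record is tested
            # on its own, instead of letting the OS pick one that works.
            connect((addr, 80), timeout=timeout).close()
            results.append((record, addr, None))
        except OSError as exc:
            results.append((record, addr, str(exc)))
    return results


def http01_blockers(results):
    """Unreachable AAAA addresses from probe_port80() output.

    Assumption taken from the thread: the validator prefers IPv6 when an
    AAAA record is published, so a dead AAAA address blocks issuance even
    though the A record answers.
    """
    return [r for r in results if r[0] == "AAAA" and r[2] is not None]


if __name__ == "__main__" and len(sys.argv) > 1:
    probed = probe_port80(sys.argv[1])
    for record, addr, error in probed:
        print(f"{record:4} {addr:40} {'ok' if error is None else error}")
    sys.exit(1 if http01_blockers(probed) else 0)
```

Run it with the domain as the only argument; a non-zero exit status means a published AAAA address does not accept connections on port 80.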