Client takes almost one hour to create certificate

Hi guys,

Over the last month letsencrypt client takes almost one hour to create a new certificate (I think I have the same behavior for renewal).

I run this command on my server : ./letsencypt-auto certonly --agree-tos --standalone -d
With the debug flag I noticed that time is spent at these points : “Starting new HTTPS conenction”.
My server is hosted at It is configured to run over ipv4 and ipv6.

If you need more information I can provide them.


Here is my letsencrypt.log :

I’ve seen similar behaviour in the past (not specifically with letsencrypt) with servers that had IPv6 configured but not properly working, i.e. traffic being blocked by a firewall, etc. Maybe the client waits for a timeout and then falls back to IPv4. Can you confirm that something like

wget -6

is working?


Indeed I can’t establish a connection with over IPv6. I though it worked cause I can ping my server over IPv6 from extern.

I just run again the client, and it’s really fast now. Thanks a lot for your help.

@jsha, is it possible to add a WARN message to prevent this kind of issues ?

Again, thanks a lot guys.

Possibly! I’d suggest filing an issue at It probably doesn’t make sense to try and specifically detect IPv6 issues in the client, but there should probably be a timeout when making connections to the ACME server. The error message for those timeouts could suggest something like “please check the connectivity from your server to the outside Internet.”

1 Like