Creating certificate problem

Can someone please help me fix the error? I already used Let's Encrypt on my old build with port forwarding and only IPv4; now, after I got a new router and a new IP address, I have an IPv6 address.
I don't quite know why the error is appearing, and I don't know how to fix it.

My domain is:

pihub.me

I ran this command:

certbot --apache -d pihub.me

It produced this output:

Requesting a certificate for pihub.me
Performing the following challenges:
http-01 challenge for pihub.me
Enabled Apache rewrite module
Waiting for verification...
Challenge failed for domain pihub.me
http-01 challenge for pihub.me
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:
The following errors were reported by the server:

Domain: pihub.me
Type: connection
Detail: 2a02:8388:8300:2f00:5005:e6e4:6ada:8b5f: Fetching
http://pihub.me/.well-known/acme-challenge/0TvIn6_q73YtcdX53TXfyMYGn5p9w4bhBzIezpYq9vg:
Timeout during connect (likely firewall problem)

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.

My web server is (include version): Server version: Apache/2.4.62 (Raspbian)

Server built: 2024-10-04T15:21:08

The operating system my web server runs on is (include version):

Distributor ID: Raspbian
Description: Raspbian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye

My hosting provider, if applicable, is:

NameCheap

I can login to a root shell on my machine (yes or no, or I don't know): YES

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.12.0

Is there something unclear about this error message? The Let's Encrypt servers need to be able to connect to your host (on port 80) to validate domain ownership. They were unable to do so. The most likely reason, as the error message says, is that there's some kind of firewall--you'll need to find and fix that.

Since the current release is 4.something, this is pretty old.

3 Likes

I downloaded certbot with the command "sudo apt install certbot python3-certbot-apache" and the version is 1.12.0. If I download the Python scripts in a venv the version is 4.x.x but it doesn't work.
And the "problem" with the firewall, there is no firewall installed on my Raspberry Pi 2B, no ufw.

...is also very old.

Well, there's one somewhere. I'd expect the Pi is behind a firewall of some sort, but the bottom line is that something is preventing connections from the public Internet to that Pi on port 80. You'll need to figure out what that is and remove or reconfigure it.

4 Likes

You should check the IPv6 address for your Apache server

One way is this on that server:

curl -6 https://ifconfig.io

Make sure that matches what is in your DNS for that domain name

I agree with danb35 though ... something is not allowing connections from the public internet to your Apache. Often it is a firewall but incorrect DNS IP or network routing / config problems can also cause that.

Are you able to connect to your Apache from the public internet? Like using a mobile phone with wifi disabled?

Try it with HTTP:// to ensure you check port 80 connectivity

3 Likes
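The address check suggested in the post above, as an added example that is not part of the original thread: it pulls the address the validation server tried out of the certbot "Detail:" line, compares it with the addresses configured on the host, and separates "DNS points elsewhere" from "address is right but inbound port 80 is dropped". The function names and the sample `ip -o addr show scope global` lines are assumptions constructed for illustration; the failure detail is the one quoted in the thread.

```python
import ipaddress
import re

# Failure detail copied from the certbot output quoted in this thread.
CERTBOT_DETAIL = (
    "Detail: 2a02:8388:8300:2f00:5005:e6e4:6ada:8b5f: Fetching\n"
    "http://pihub.me/.well-known/acme-challenge/"
    "0TvIn6_q73YtcdX53TXfyMYGn5p9w4bhBzIezpYq9vg:\n"
    "Timeout during connect (likely firewall problem)"
)

# Constructed samples of `ip -o addr show scope global` output (not from the thread).
HOST_MATCH = "2: eth0    inet6 2A02:8388:8300:2F00:5005:E6E4:6ADA:8B5F/64 scope global dynamic\n"
HOST_STALE = "2: eth0    inet6 2001:db8:0:1::10/64 scope global dynamic\n"


def validated_address(detail):
    """Return the IP address the validation server connected to, or None."""
    m = re.search(r"Detail:\s*(\S+?):\s+Fetching", detail)
    if not m:
        return None
    try:
        return ipaddress.ip_address(m.group(1))
    except ValueError:
        return None


def host_addresses(ip_output):
    """Parse the addresses listed in `ip -o addr` output into a normalized set."""
    found = re.findall(r"inet6?\s+([0-9a-fA-F:.]+)/\d+", ip_output)
    return {ipaddress.ip_address(a) for a in found}


def diagnose(detail, ip_output):
    """Classify an http-01 connection failure from the host's point of view."""
    target = validated_address(detail)
    if target is None:
        return "no-address-in-detail"
    if not target.is_global:
        # Link-local, ULA or private addresses cannot be reached by the CA.
        return "address-not-publicly-routable"
    if target not in host_addresses(ip_output):
        # The A/AAAA record resolves to an address this host does not hold.
        return "dns-points-elsewhere"
    if "Timeout during connect" in detail:
        # DNS is right, so something on the path drops inbound port 80.
        return "address-correct-inbound-port-80-blocked"
    return "address-correct-other-failure"
```

A result of "address-correct-inbound-port-80-blocked" only rules out DNS; the connection still has to be tested from outside the local network, as the posts in this thread do.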

I have checked everything and set up my server completely new. The DNS entry is correct, because it can be reached via "curl -6 http://pihub.me/". I have also manually created the path "/.well-known/acme-challenge/" to the website path "/var/www/pihub/html/", and "http://pihub.me/.well-known/acme-challenge/" is also reachable with "Index of /.well-known/acme-challenge". I assume that certbot has a problem with the creation of the file that needs the verification. You have to understand that I don't have a working IPv4, but only IPv6.

I cannot reach your server from my own test server:

curl -6 -m7 http://pihub.me
curl: (28) Connection timed out after 7001 milliseconds

And, Let's Debug runs two connection tests and both fail. One from its own server and one using the Let's Encrypt staging system. See below

Are you sure you are trying that connection from the public internet? Or just your own local network? Because so far I don't see any connection working.

4 Likes