Domain moved to a new service provider

The domain has been moved from one service provider to another (not the website itself, it is on a thin party host!).
Now we can’t renew the certificate, getting the error message below.

My domain is: steco.de

I ran this command: Within Plesk we tried to renew certificate

It produced this output:

Fehler: Could not issue a Let’s Encrypt SSL/TLS certificate for steco.de. Authorization for the domain failed.

Additional error details:
Invalid response from https://acme-v01.api.letsencrypt.org/acme/authz/_oV8fuexFhhNQL8iBrSjGvxp0iP3UMXCGV2_KOwc9LQ.
Details:
Type: urn:acme:error:connection
Status: 400
Detail: Fetching http://steco.de/.well-known/acme-challenge/Wq1rrHSXkGb2hiI2RVI0lVGnTM-lCOXqb9XhX07o4pY: Timeout

What can we do?

Thanks.

Hi @TF28,

You domains has A and AAAA records (IPv4 and IPv6 addresses) but your site only answers over IPv4.

$ curl -6vIkL http://steco.de
* Rebuilt URL to: http://steco.de/
*   Trying 2001:688:4:74::2...
* TCP_NODELAY set
* connect to 2001:688:4:74::2 port 80 failed: Connection timed out
* Failed to connect to steco.de port 80: Connection timed out
* Closing connection 0
curl: (7) Failed to connect to steco.de port 80: Connection timed out

Since a few months ago, Let’s Encrypt prefers IPv6 over IPv4 to validate your domain.

Solution: fix your IPv6 connectivity issues or remove the AAAA records for your domain.

Cheers,
sahsanu

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.