Error getting validation data


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bekunse.spdns.de

I ran this command: sudo certbot certonly --webroot -w /var/www/html/ -d bekunse.spdns.de -m ben.kunze2@gmail.com --agree-tos

It produced this output: Failed authorization procedure. bekunse.spdns.de (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://bekunse.spdns.de/.well-known/acme-challenge/x6BsrsBcPW6yc8KfjNcczIJcs6uEZYvQPhDbYYisRik: Error getting validation data

IMPORTANT NOTES:

My web server is (include version):

The operating system my web server runs on is (include version): RaspberrianOS 4.14

My hosting provider, if applicable, is: Spydns

I can login to a root shell on my machine (yes or no, or I don’t know): I don’t know

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):


#2

Hi @Jumpyy

checking your domain there is a private ipv4 address ( https://check-your-website.server-daten.de/?q=bekunse.spdns.de ): 192.168.. is private, not public.

Host T IP-Address is auth. ∑ Queries ∑ Timeout
bekunse.spdns.de A 192.168.178.43 yes 1 0
AAAA 2a04:4540:8c06:f201:950d:f312:ba66:aa89 yes
www.bekunse.spdns.de Name Error yes 1 0

And your ipv6

Domainname Http-Status redirect Sec. G
http://bekunse.spdns.de/
2a04:4540:8c06:f201:950d:f312:ba66:aa89 -14 10.026 T
Timeout - The operation has timed out
https://bekunse.spdns.de/
2a04:4540:8c06:f201:950d:f312:ba66:aa89 -14 10.023 T
Timeout - The operation has timed out
http://bekunse.spdns.de/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a04:4540:8c06:f201:950d:f312:ba66:aa89 -14 10.027 T
Timeout - The operation has timed out

doesn’t answer, perhaps it’s not configured.

So it’s impossible that Letsencrypt finds the validation file in /.well-known/acme-challenge.


#3

As mentioned, you may need to remove the IPv6 address from your domain.
[or ensure it works same as the IPv4 address]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Ok that was a huge misstatement.
The IPv4 addess fails as it a non-routeable (RFC 1918) IP 192.168.x.x

So remove the IPv4 address and fix the IPv6 address.

Connecting to bekunse.spdns.de (bekunse.spdns.de)|2a04:4540:8c06:f201:950d:f312:ba66:aa89|:80... failed: Permission denied.


closed #4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.