Error getting valuation data

Hi, i installed an omv and nextcloud.
everything is working expect the letsencrypt.
The ports are working and my dns also (i get to the landing page, that my ip is not trusted)
Here is my log:

[ letsencrypt ]
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for specko.duckdns.org
Using the webroot path /var/www/nextcloud for all unmatched domains.
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. specko.duckdns.org (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://specko.duckdns.org/.well-known/acme-challenge/s9bEer0rvPNVOTOoEwsfoJk6xgt7HB-q7op4Ki-RC5Y: Error getting validation data
IMPORTANT NOTES:

  • The following errors were reported by the server:

Domain: specko.duckdns.org
Type: connection
Detail: Fetching
https://specko.duckdns.org/.well-known/acme-challenge/s9bEer0rvPNVOTOoEwsfoJk6xgt7HB-q7op4Ki-RC5Y:
Error getting validation data

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.

Do you have a reason to use --webroot instead of --apache?

Also check if your firewall is blocking ip addresses.

1 Like

Hi @Niki

there is a check of your domain, 7 hours old - https://check-your-website.server-daten.de/?q=specko.duckdns.org

You have ipv4 and ipv6:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
specko.duckdns.org A 84.180.137.211 Mehlingen/Rheinland-Pfalz/Germany (DE) - Deutsche Telekom AG Hostname: p54B489D3.dip0.t-ipconnect.de yes 1 0
AAAA 2003:c2:17ff:3a43:464e:6dff:fedc:6bf6 Kaiserslautern/Rheinland-Pfalz/Germany (DE) - Deutsche Telekom AG yes
www.specko.duckdns.org A 84.180.137.211 Mehlingen/Rheinland-Pfalz/Germany (DE) - Deutsche Telekom AG Hostname: p54B489D3.dip0.t-ipconnect.de yes 1 0
AAAA 2003:c2:17ff:3a43:464e:6dff:fedc:6bf6 Kaiserslautern/Rheinland-Pfalz/Germany (DE) - Deutsche Telekom AG yes

Your ipv4 works, your ipv6 has a timeout.

http://specko.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2003:c2:17ff:3a43:464e:6dff:fedc:6bf6
	-14
	
	Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a 
Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) 
and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 
extern ⇒ working port intern is required. Port 80 / http can redirect to another domain 
port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP 
blocks port 80. Then you may use the dns-01 challenge. Trouble creating a 
certificate? Use https://community.letsencrypt.org/ to ask.

Letsencrypt prefers ipv6 checking your domain, so that’s critical. Remove your ipv6 or fix it.

1 Like

Danke für deine Infos.
Nun stehe ich aber etwas auf dem Schlauch, wie ich das genau beheben kann.

  1. Macht es mehr sinn es zu optimieren/fixen oder soll ich einfach die ipv6 abschalten?
  2. Wie mache ich das?

LG

I don’t know. Your ipv4 hostname: p54B489D3.dip0.t-ipconnect.de.

Your ipv6:

Name: p200300C217FF3A43464E6DFFFEDC6BF6.dip0.t-ipconnect.de
Address: 2003:c2:17ff:3a43:464e:6dff:fedc:6bf6

Looks like both ip addresses are your addresses.

Then your Apache isn’t configured. Read the output of the check, there are infos how to add ipv6 support to your Apache.

Or remove the ipv6 in your dns setup. But I don’t use duckdns.