Failed authorization procedure all domains


i tried to run renew process for my domains but all domains end with same error:

./scripts/ com
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?
1: Nginx Web Server plugin - Alpha (nginx)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)
Select the appropriate number [1-3] then [enter] (press 'c' to cancel): 2
Plugins selected: Authenticator standalone, Installer None
Cert is due for renewal, auto-renewing...
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for
http-01 challenge for
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching Timeout

 - The following errors were reported by the server:

   Type:   connection
   Detail: Fetching

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

I have flushed the nameserver from google and all dig commands imaging the right ip. I really not understand what is here wrong.

My domain is:,,

I run the follow script:


  case "$domain" in
      certbot certonly --rsa-key-size 4096 -d -d

      certbot certonly --rsa-key-size 4096 -d -d

      certbot certonly --rsa-key-size 4096 -d -d

      cat <<-"EOH"

        com >
        de  >
        fr  >

I use nginx-1.12.2-r1 on Gentoo Linux and hosted by OVH.

Logfile >

Thank you for advice.


Your domain’s IPv6 address is pointing to a host that is not responding to HTTP requests.

$ curl -v -6 --connect-timeout 10 -i
* About to connect() to port 80 (#0)
*   Trying 2001:41d0:8:6d5e::1...
* Connection timed out after 10002 milliseconds
* Closing connection 0
curl: (28) Connection timed out after 10002 milliseconds

Let’s Encrypt will fail to validate your domain if you advertise an AAAA record that isn’t accessible.


yes thank you I not understand why is ipv6 filtered but okay I delete the AAAA and now it’s okay. Thank you so much.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.