Fehlmeldung beim erstellen eines Zertifikates über Plesk

Help
1

Hallo, beim erstellen eines Zertifikates über Plesk erhalte ich folgende Fehlmeldung. Was mache ich da verkehrt, bzw. was muss ich anders einstellen damit das Zertifikat ausgestellt werden kann?

  • Fehler beim Schützen der Domain weisse-schaeferhunde.dog:

Could not issue a Let’s Encrypt SSL/TLS certificate for weisse-schaeferhunde.dog . Authorization for the domain failed.
Details

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz/TAFgCHfhj9pq6QBTD9-z666dQsM_ETNSfUaQrTEBIxo.
Details:
Type: urn:ietf:params:acme:error:connection
Status: 400
Detail: Fetching http://www.weisse-schaeferhunde.dog/.well-known/acme-challenge/MJRlwoDKeZrZhVQtgrfwZp9vyW0iXDPUUU503O0srfo: Timeout during connect (likely firewall problem)

2

Hi @Mainfalke

checking your domain via https://check-your-website.server-daten.de/?q=weisse-schaeferhunde.dog you see the problem:

You have ipv4 and ipv6 - addresses:

Host T IP-Address is auth. ∑ Queries ∑ Timeout
weisse-schaeferhunde.dog A 85.214.142.42 Berlin/Germany (DE) - Strato AG Hostname: mail.markus-gerlach.domains yes 2 0
AAAA 2a01:238:425e:ec00:d6f9:1d9c:2585:991f Berlin/Germany (DE) - Strato Rechenzentrum yes
www.weisse-schaeferhunde.dog C weisse-schaeferhunde.dog yes 1 0
A 85.214.142.42 Berlin/Germany (DE) - Strato AG Hostname: mail.markus-gerlach.domains yes
AAAA 2a01:238:425e:ec00:d6f9:1d9c:2585:991f Berlin/Germany (DE) - Strato Rechenzentrum yes

But checking a file via http + /.well-known/acme-challenge/random-filename, your ipv6 doesn't work:

Domainname Http-Status redirect Sec. G
http://weisse-schaeferhunde.dog/
85.214.142.42 200 0.013 H
http://weisse-schaeferhunde.dog/
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.026 T
Timeout - The operation has timed out
http://www.weisse-schaeferhunde.dog/
85.214.142.42 200 0.014 H
http://www.weisse-schaeferhunde.dog/
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.027 T
Timeout - The operation has timed out
https://weisse-schaeferhunde.dog/
85.214.142.42 -14 10.023 T
Timeout - The operation has timed out
https://weisse-schaeferhunde.dog/
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.026 T
Timeout - The operation has timed out
https://www.weisse-schaeferhunde.dog/
85.214.142.42 -14 10.024 T
Timeout - The operation has timed out
https://www.weisse-schaeferhunde.dog/
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.023 T
Timeout - The operation has timed out
http://weisse-schaeferhunde.dog/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
85.214.142.42 404 0.017 A
Not Found
Visible Content: Server Error 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.
http://weisse-schaeferhunde.dog/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.030 T
Timeout - The operation has timed out
Visible Content:
http://www.weisse-schaeferhunde.dog/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
85.214.142.42 404 0.014 A
Not Found
Visible Content: Server Error 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.
http://www.weisse-schaeferhunde.dog/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:238:425e:ec00:d6f9:1d9c:2585:991f -14 10.027 T
Timeout - The operation has timed out
Visible Content:

http + ipv4 works, http + ipv6 not. Letsencrypt prefers ipv6, so that's critical.

You have two options:

  • remove the ipv6 dns AAAA record (or, better)
  • fix your ipv6

There is an IIS. Check your bindings, select no specific ip address. Then recheck your domain with the online tool. If ipv6 works, try to create a new certificate.

3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.