Get cetificates using AAAA records

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: covs.nl

I ran this command:
Get certificate in DirectAdmin

It produced this output:
2021/11/23 22:55:13 [INFO] [covs.nl, mail.covs.nl, webmail.covs.nl, www.covs.nl] acme: Obtaining SAN certificate
2021/11/23 22:55:14 [INFO] [covs.nl] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/51803655510
2021/11/23 22:55:14 [INFO] [mail.covs.nl] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463630
2021/11/23 22:55:14 [INFO] [webmail.covs.nl] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463640
2021/11/23 22:55:14 [INFO] [www.covs.nl] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463650
2021/11/23 22:55:14 [INFO] [mail.covs.nl] acme: authorization already valid; skipping challenge
2021/11/23 22:55:14 [INFO] [www.covs.nl] acme: Could not find solver for: tls-alpn-01
2021/11/23 22:55:14 [INFO] [www.covs.nl] acme: use http-01 solver
2021/11/23 22:55:14 [INFO] [covs.nl] acme: Could not find solver for: tls-alpn-01
2021/11/23 22:55:14 [INFO] [covs.nl] acme: use http-01 solver
2021/11/23 22:55:14 [INFO] [webmail.covs.nl] acme: Could not find solver for: tls-alpn-01
2021/11/23 22:55:14 [INFO] [webmail.covs.nl] acme: use http-01 solver
2021/11/23 22:55:14 [INFO] [www.covs.nl] acme: Trying to solve HTTP-01
2021/11/23 22:55:42 [INFO] [covs.nl] acme: Trying to solve HTTP-01
2021/11/23 22:56:07 [INFO] [webmail.covs.nl] acme: Trying to solve HTTP-01
2021/11/23 22:56:37 [INFO] Skipping deactivating of valid auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/51803655510
2021/11/23 22:56:37 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463630
2021/11/23 22:56:38 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463640
2021/11/23 22:56:38 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/52112463650
2021/11/23 22:56:38 Could not obtain certificates:
error: one or more domains had a problem:
[covs.nl] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching https://www.covs.nl/.well-known/acme-challenge/eDymeoR50IcoDc7dqczdTzeu6VJCrDh97Z3aOXlNxg0: Timeout during connect (likely firewall problem)
[webmail.covs.nl] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching https://webmail.covs.nl/.well-known/acme-challenge/ZFuxd92o4q3CCs7D2QGrK8PfXwpt1MiwjOQeWes1bJ0: Timeout during connect (likely firewall problem)
[www.covs.nl] acme: error: 400 :: urn:ietf:params:acme:error:connection :: Fetching https://www.covs.nl/.well-known/acme-challenge/h10eP6Tjv9LsGWCefMn4Ta6QqrpehrjuccAlUFl_0J4: Timeout during connect (likely firewall problem)
Certificate generation failed.

My web server is (include version):
Apache 2.4

The operating system my web server runs on is (include version):
Debian 11

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
DirectAdmin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Welcome to the community @webmastercovs

Yes, it looks like your system is not accepting requests on IPv6. When Lets Encrypt server sees AAAA record it will use IPv6. I could not connect to your server with IPv6 but IPv4 works fine.

I am not very familiar with your configuration so cannot help debug other than to provide this:

Check your server IPv6 IP with curl -6 ifconfig.co and make sure it matches your AAAA record

Here is what I see trying to reach you with IPv4 and 6:


curl -I6 https://www.covs.nl
curl: (28) Failed to connect to www.covs.nl port 443: Connection timed out

curl -I4 https://www.covs.nl
HTTP/2 200
x-drupal-cache: HIT
content-language: nl
x-frame-options: SAMEORIGIN
permissions-policy: interest-cohort=()
x-generator: Drupal 7 (https://www.drupal.org)
link: <https://www.covs.nl/>; rel="canonical",<https://www.covs.nl/>; rel="shortlink"
cache-control: public, max-age=900
expires: Sun, 19 Nov 1978 05:00:00 GMT
vary: Cookie,Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
etag: "1637708586-0"
last-modified: Tue, 23 Nov 2021 23:03:06 GMT
content-type: text/html; charset=utf-8
date: Tue, 23 Nov 2021 23:10:35 GMT
server: Apache/2
2 Likes

I'd start by troubleshooting the Apache under the (Drupal/DirectAdmin) hood.
Start with:
sudo apachectl -t -D DUMP_VHOSTS

[which may not be servicing IPv6]

2 Likes
AH00112: Warning: DocumentRoot [/home/myuser22/domains/bestanden.a.covs.nl/private_html] does not exist
AH00112: Warning: DocumentRoot [/home/covsres/domains/fakedomain.com/private_html] does not exist
VirtualHost configuration:
178.21.114.226:80      is a NameVirtualHost
         default server localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias a.covs.nl
                 alias a.covs.nl
         port 80 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:20)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 80 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:25)
         port 80 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:20)
                 alias www.covs.nl
                 alias covs.nl
         port 80 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:25)
         port 80 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 80 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:20)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 80 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:25)
         port 80 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:20)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 80 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:25)
178.21.114.226:443     is a NameVirtualHost
         default server localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias a.covs.nl
                 alias a.covs.nl
         port 443 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:30)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 443 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:70)
         port 443 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:30)
                 alias www.covs.nl
                 alias covs.nl
         port 443 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:66)
         port 443 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 443 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:30)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 443 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:66)
         port 443 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:30)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 443 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:66)
[2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:80 is a NameVirtualHost
         default server shared.domain (/etc/httpd/conf/ips.conf:11)
         port 80 namevhost shared.domain (/etc/httpd/conf/ips.conf:11)
         port 80 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias a.covs.nl
                 alias a.covs.nl
         port 80 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:20)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 80 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:25)
         port 80 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:20)
                 alias www.covs.nl
                 alias covs.nl
         port 80 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:25)
         port 80 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 80 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:20)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 80 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:25)
         port 80 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:20)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 80 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:25)
[2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:443 is a NameVirtualHost
         default server shared.domain (/etc/httpd/conf/ips.conf:22)
         port 443 namevhost shared.domain (/etc/httpd/conf/ips.conf:22)
         port 443 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias a.covs.nl
                 alias a.covs.nl
         port 443 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:30)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 443 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:70)
         port 443 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:30)
                 alias www.covs.nl
                 alias covs.nl
         port 443 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:66)
         port 443 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 443 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:30)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 443 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:66)
         port 443 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:30)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 443 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:66)
*:443                  www.example.com (/etc/httpd/conf/extra/httpd-ssl.conf:81)
1 Like

Thanks for your reply and help. I have added the outcome of the command. I see virtual hosts with the proper AAAA-record. Am I correct?

1 Like

I don't know why but discourse will sometimes EAT posts that I edit.
I simply added "```" to it at the top and bottom.
Here is a repost of all that content (and the backticks):


AH00112: Warning: DocumentRoot [/home/myuser22/domains/bestanden.a.covs.nl/private_html] does not exist
AH00112: Warning: DocumentRoot [/home/covsres/domains/fakedomain.com/private_html] does not exist
VirtualHost configuration:
178.21.114.226:80      is a NameVirtualHost
         default server localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias a.covs.nl
                 alias a.covs.nl
         port 80 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:20)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 80 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:25)
         port 80 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:20)
                 alias www.covs.nl
                 alias covs.nl
         port 80 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:25)
         port 80 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 80 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:20)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 80 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:25)
         port 80 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:20)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 80 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:25)
178.21.114.226:443     is a NameVirtualHost
         default server localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias a.covs.nl
                 alias a.covs.nl
         port 443 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:30)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 443 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:70)
         port 443 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:30)
                 alias www.covs.nl
                 alias covs.nl
         port 443 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:66)
         port 443 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 443 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:30)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 443 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:66)
         port 443 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:30)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 443 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:66)
[2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:80 is a NameVirtualHost
         default server shared.domain (/etc/httpd/conf/ips.conf:11)
         port 80 namevhost shared.domain (/etc/httpd/conf/ips.conf:11)
         port 80 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:31)
         port 80 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias a.covs.nl
                 alias a.covs.nl
         port 80 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:20)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 80 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:25)
         port 80 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:20)
                 alias www.covs.nl
                 alias covs.nl
         port 80 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:25)
         port 80 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:20)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 80 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:25)
         port 80 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:20)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 80 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:25)
         port 80 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:20)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 80 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:25)
[2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:443 is a NameVirtualHost
         default server shared.domain (/etc/httpd/conf/ips.conf:22)
         port 443 namevhost shared.domain (/etc/httpd/conf/ips.conf:22)
         port 443 namevhost localhost (/etc/httpd/conf/extra/httpd-vhosts.conf:46)
         port 443 namevhost a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias a.covs.nl
                 alias a.covs.nl
         port 443 namevhost webmail.a.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:30)
                 alias bestanden.a.covs.nl
                 alias bestanden.a.covs.nl
         port 443 namevhost webmail.bestanden.a.covs.nl (/usr/local/directadmin/data/users/myuser22/httpd.conf:70)
         port 443 namevhost www.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:30)
                 alias www.covs.nl
                 alias covs.nl
         port 443 namevhost webmail.covs.nl (/usr/local/directadmin/data/users/myuser/httpd.conf:66)
         port 443 namevhost bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:30)
                 alias bestanden.covs.nl
                 alias bestanden.covs.nl
         port 443 namevhost webmail.bestanden.covs.nl (/usr/local/directadmin/data/users/myuser2/httpd.conf:66)
         port 443 namevhost blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:30)
                 alias blad.covs.nl
                 alias blad.covs.nl
         port 443 namevhost webmail.blad.covs.nl (/usr/local/directadmin/data/users/myuser3/httpd.conf:66)
         port 443 namevhost |PREFIX_DOMAIN|fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:30)
                 alias |PREFIX_DOMAIN|fakedomain.com
                 alias fakedomain.com
         port 443 namevhost webmail.fakedomain.com (/usr/local/directadmin/data/users/covsres/httpd.conf:66)
*:443                  www.example.com (/etc/httpd/conf/extra/httpd-ssl.conf:81)
1 Like

That's not how it would normally be done.

These errors should also be resolved:

AH00112: Warning: DocumentRoot [/home/myuser22/domains/bestanden.a.covs.nl/private_html] does not exist
AH00112: Warning: DocumentRoot [/home/covsres/domains/fakedomain.com/private_html] does not exist
1 Like

We need to look at this file:
/usr/local/directadmin/data/users/myuser/httpd.conf

And I don't see the name "mail.covs.nl" covered by any of those vhosts.

1 Like
# Auto generated apache config file by DirectAdmin version 1.63.1
# Modifying this file is not recommended as any changes you make will be
# overwritten when the user makes any changes to their website

# For global config changes that affect all Users, see this guide:
# http://help.directadmin.com/item.php?id=2
# For local config changes that only affect one User, see this guide:
# http://help.directadmin.com/item.php?id=3


<Directory "/home/myuser/public_html">
		<FilesMatch "\.(inc|php|phtml|phps|php74)$">
			AddHandler "proxy:unix:/usr/local/php74/sockets/myuser.sock|fcgi://localhost" .inc .php .phtml .php74
		</FilesMatch> 
	<IfModule mod_fcgid.c>
		SuexecUserGroup myuser myuser
	</IfModule>
</Directory>

<VirtualHost 178.21.114.226:80 [2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:80 >
        ServerName www.covs.nl
        ServerAlias www.covs.nl covs.nl 
        Redirect "/" "https://www.covs.nl/"
</VirtualHost>
<VirtualHost 178.21.114.226:80 [2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:80 >
   ServerName webmail.covs.nl
   Redirect "/" "https://webmail.covs.nl/"
</VirtualHost>

<VirtualHost 178.21.114.226:443 [2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:443 >
	SSLEngine on
	SSLCertificateFile /usr/local/directadmin/data/users/myuser/domains/covs.nl.cert.combined
	SSLCertificateKeyFile /usr/local/directadmin/data/users/myuser/domains/covs.nl.key
	ServerName www.covs.nl
	ServerAlias www.covs.nl covs.nl 
	ServerAdmin webmaster@covs.nl
	DocumentRoot /home/myuser/domains/covs.nl/private_html
	ScriptAlias /cgi-bin/ /home/myuser/domains/covs.nl/public_html/cgi-bin/
	UseCanonicalName OFF
	<IfModule !mod_ruid2.c>
		SuexecUserGroup myuser myuser
	</IfModule>
	CustomLog /var/log/httpd/domains/covs.nl.bytes bytes
	CustomLog /var/log/httpd/domains/covs.nl.log combined
	ErrorLog /var/log/httpd/domains/covs.nl.error.log
	#Header always set Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"
	Header always set X-Frame-Options "SAMEORIGIN"
	Header always set X-XSS-Protection "1; mode=block"
	Header always set X-Content-Type-Options "nosniff"
	Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
	<Directory /home/myuser/domains/covs.nl/private_html>
		<FilesMatch "^ping|status$">
   			RewriteEngine Off
			SetHandler "proxy:unix:/usr/local/php74/sockets/myuser.sock|fcgi://localhost"
		</FilesMatch>
		<FilesMatch "\.(inc|php|phtml|phps|php74)$">
			<If "-f %{REQUEST_FILENAME}">
				#ProxyErrorOverride on
				AddHandler "proxy:unix:/usr/local/php74/sockets/myuser.sock|fcgi://localhost" .inc .php .phtml .php74
			</If>
		</FilesMatch> 
	</Directory>
      RewriteEngine on
      RewriteOptions inherit
</VirtualHost>
<VirtualHost 178.21.114.226:443 [2a02:2308:0:82e:9fd5:fe0a:560a:62f8]:443 >
   ServerName webmail.covs.nl
   ServerAdmin webmaster@covs.nl
   DocumentRoot /var/www/html/roundcube
   SSLEngine on
   SSLCertificateFile /usr/local/directadmin/data/users/myuser/domains/covs.nl.cert.combined
   SSLCertificateKeyFile /usr/local/directadmin/data/users/myuser/domains/covs.nl.key
   CustomLog /var/log/httpd/domains/covs.nl.bytes bytes
   CustomLog /var/log/httpd/domains/covs.nl.log combined
   ErrorLog /var/log/httpd/domains/covs.nl.error.log
   <IfModule !mod_ruid2.c>
       SuexecUserGroup webapps webapps
   </IfModule>
</VirtualHost>
1 Like

(post deleted by author)

Ok, solved these, but they did not affect the original problem.

1 Like

Your Apache is unusual but I do not see anything obviously wrong.

I think your IPv6 is not setup right. Can you show the results of these:

curl -4 ifconfig.co
curl -6 ifconfig.co

curl -4 www.covs.nl
curl -6 www.covs.nl

The first two should return your IPv4 and 6 addresses. This confirms your IPs but also your outbound IPv6 connection.

The second two should return your "302 Found" page as you redirect http to https.

Would you explain your network connection? Are you self-hosted with a router or do you use a hosting service? Have you checked these allow IPv6?

2 Likes
root@s1:~# curl -4 ifconfig.co
178.21.114.226
root@s1:~# curl -6 ifconfig.co
curl: (7) Couldn't connect to server
root@s1:~#
root@s1:~# curl -4 www.covs.nl
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.covs.nl/">here</a>.</p>
</body></html>
root@s1:~# curl -6 www.covs.nl
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="https://www.covs.nl/">here</a>.</p>
</body></html>
1 Like

That shows your IPv6 network configuration is not working. Your first step is to get that working. Once you get that working then getting certificates should also work.

If you are self-hosting then check your router and internet provider. If you are on a hosting service ask them about this.

It looks like your curl -6 www.covs.nl request was handled on your local machine through a hosts file or similar. That is why that worked when the curl -6 to ifconfig.co site failed. I cannot connect to your site with -6 and neither can Lets Debug test site. It is still possible something is wrong in Apache too, but, need to get the above curl -6 working in any case.

3 Likes

What is the output of the ip address command on your system?

2 Likes

I think I have found the problem in the interfaces definition. The ip6 definition in Debian/Bullseye is not working properly. I will try to solve that.

1 Like