I have problem when create/renew SSL with specific IP range

Hello, i'm using Directadmin to create/renew SSL for my website.

First, my VPS IP is, i create a host ntlamnt.tk and point my record A to this IP and when i create SSL for my domain ntlamnt.tk, i got error.
Here is the error link show up: https://acme-v02.api.letsencrypt.org/acme/authz-v3/10236167415

Second, i change my VPS IP to different VLAN:, point record A to this IP and i can create SSL for my domain ntlamnt.tk and www.lamnt.tk with no problems:

Finally, i change my VPS IP back to VLAN 103.159.52.x with different IP: for my domain mail.ntlamnt.tk and i got the same problem at from the First:

So, i can not create/renew SSL with this VLAN 103.159.52.x ( any IP from this VLAN not work ), but with VLAN 203.162.51.x, i can create SSL with no problems.

I disabled all firewall in my VPS but still have problems, so how can i check if my IP range is blocked by Let's Encrypt or any connection problems from my VLAN 103.159.52.x to Let's Encrypt server ?

Thank you.

1 Like

The 103 block of IPs or a portion of that block may be blocked by China. That could be why you were successful with the and not with the two 103 IPs. You error shows a timeout for the 103 IPs and shows the status of your domain name status as invalid. So there is most likely a firewall blocking the two 103 IP addresses you tried.

Since I'm heading off to bed, maybe someone else will be able to jump in and give you a little more help. If not, I'll be back in a few hours.


Hello JimPas, thank you for your reply.

So if i was blocked by China, why i cannot connect to Let's Encrypt's servers. Are Let's Encrypt's servers located in China ?

Is there any config that i can change Let's Encrypt' servers to somewhere outside China and I can reissue my SSL again ?

Thank you.


If you switch and use DNS validation, your actual IP becomes an non-issue.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.