Invalid response acme challenge - same IP as subdomain


#1

Hi there,

I have an issue creating my ssl certicate for my main domain. The A-Entry in my DNS settings lead to the same IP of both, subdomain and main one.

Now strangely I could create the certificate for the subdomain, but not for the main one. I get following error:

Type: unauthorized
Detail: Invalid response from
http://glaubs.net/.well-known/acme-challenge/0xjQzCjpQg1WRlzhMM4ghucot1xnlg-CsMty_LkSCaQ:
“\r\n404 Not Found\r\n<body
bgcolor=“white”>\r\n

404 Not
Found

\r\n

I have no idea where the problem could be.

Thanks for your help!

My domain is: glaubs.net (subdomain: office.glaubs.net)

I ran this command: certbot

It produced this output:

My web server is (include version): Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: netcup

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): yes


#2

They don’t have exactly the same IPs:

glaubs.net.         (insecure)  86400  A     185.162.248.168
glaubs.net.         (insecure)  86400  AAAA  2a03:4000:30:3633::11:3954
office.glaubs.net.  (insecure)  86400  A     185.162.248.168

Are you sure the IPv6 address is correct?

Edit:

The IPv6 address is running an Nginx web server, so it’s pointed to a different server, or set up differently.

https://letsdebug.net/glaubs.net/5972


#3

Oh, I only checked the A record. Should I just delete the AAAA record or what would you recommend? To be honest I’m not sure if or how important it is to have the IPV6 IP as well.


#4

It’s good to support IPv6, but the most important thing is for your DNS records to be correct.

Is that your IPv6 address?

It does have a valid certificate for https://glaubs.net/. It has a web page saying “Hier entsteht eine neue Webseite.”

Are you using both Apache and Nginx?


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.