Lets encrypt Status: 400

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: https://cursosicde.com/

I ran this command: I make automatic y Plesk Obsidian 18.0.28

It produced this output: Status: Status: 400

My web server is (include version):

The operating system my web server runs on is (include version): CentOS Linux 7.8.2003 (Core)

My hosting provider, if applicable, is: ionos

I can login to a root shell on my machine (yes or no, or I don’t know): YES

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Plesk Obsidian v18.0.28_build1800200720.10 os_CentOS 7

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

I think Plesk has more details in this error, can you share the full error?

Hi @jmmg

you have ipv4 and ipv6 - https://check-your-website.server-daten.de/?q=cursosicde.com

Host Type IP-Address is auth. ∑ Queries ∑ Timeout
cursosicde.com A 82.223.100.120 Logroño/La Rioja/Spain (ES) - arsys.es Hostname: verialsoft.es yes 1 0
AAAA 2001:41d0:302:2100::5c2f Roubaix/Hauts-de-France/France (FR) - OVH SAS yes
www.cursosicde.com A 82.223.100.120 Logroño/La Rioja/Spain (ES) - arsys.es Hostname: verialsoft.es yes 1 0
AAAA 2001:41d0:302:2100::5c2f Roubaix/Hauts-de-France/France (FR) - OVH SAS yes

but your ipv6 doesn’t work - only timeouts.

That’s critical because Letsencrypt prefers ipv6 checking your domain.

  • Fix your ipv6 (or)
  • remove the AAAA entries
2 Likes

Could not secure domains of Administrator (login admin) with Let`s Encrypt certificates. Please log in to Plesk and secure the domains listed below manually.
Securing of the following domains has failed:

The following domains have been secured without some of their Subject Alternative Names:

Could not renew Lets Encrypt certificates for Administrator (login admin). Please log in to Plesk and renew the certificates listed below manually. Renewal of the following Lets Encrypt certificates has failed:

Invalid response from https://acme-v02.api.letsencrypt.org/acme/authz-v3/6236090210.
Details:
Type: urn:ietf:params:acme:error:connection
Status: 400
Detail: Fetching https://cursosicde.com/.well-known/acme-challenge/DFGpZ8utDOJ9hNsRKS6nXFV2nBtezktVwc8lILjrOUk: Timeout during connect (likely firewall problem)

The following Let`s Encrypt certificates have been renewed without some of their Subject Alternative Names:

Legend:
[+] This domain is secure. The domain’s SSL/TLS certificate from Lets Encrypt has been issued/renewed. [-] This domain is not secure. Either the domain's SSL/TLS certificate from Lets Encrypt could not be issued/renewed or the domain name was excluded from the certificate. Renew the certificate manually or request a new one to secure this domain.

1 Like

I remove the AAAA entries and now is fine.
Thank you very much

2 Likes

Thank Juergen

· I remove the AAAA entries and now work fine

2 Likes