Let's Encrypt Verification failed


I recenlty tried to renew my certificate but it didn’t work.
(I cannot put the real domain name for security sorry)

I got this error :

 Domain: <MyWebSite>
   Type:   unauthorized
   Detail: Invalid response from

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

I already search a lot on internet, and people said to try to curl a test file and it’s working

curl -ikL4 https://<MyWebSite>/.well-known/acme-challenge/test
HTTP/1.1 200 OK
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 18 Dec 2019 10:27:09 GMT
Content-Type: application/octet-stream
Content-Length: 7
Last-Modified: Wed, 18 Dec 2019 09:44:21 GMT
Connection: keep-alive
ETag: "5df9f4f5-7"
Accept-Ranges: bytes

But with ipv6 it didn’t work

curl -ikL6 https://<MyWebSite>/.well-known/acme-challenge/test
curl: (6) Could not resolve host: <MyWebSite>

I am using Nginx

Is the issue come from ipv6 ? Or it something else ?

Thanks for you help

1 Like

Hi @jschotte

your domain name is required.

You may use tools like https://check-your-website.server-daten.de/ (own tool) or https://letsdebug.net/ ( @_az ), but it’s required to see how your configuration answers.

And all answers are required:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

This is likely your problem; if you host has both A and AAAA records, LE will try to connect with IPv6. But also, when testing the challenge file, you should be testing it with a HTTP connection, not HTTPS.

1 Like

Also, how come there’s a / at the end of the HTTPS URL?


In fact we juste have a CNAME record pointing to my Nginx server.

But I don’t understand why it’s not working anymore :confused:
Because I have a cron task which renew the certificate, and it was working before :frowning:

And I have tried with HTTP and I’ve got the same result

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.