zwt
May 24, 2017, 7:46am
#1
Please fill out the fields below so we can help you better.
My domain is: tanatek.com
I ran this command: LetsEncrypt cPanel plugin (but got the same with le-cp ssl --user=tanatek issue mail.tanatek.com www.tanatek.com )
It produced this output:
FATA[0010] Failed to get certificate for map[www.tanatek.com :{www.tanatek.com tanatek.com Alias /home/tanatek/public_html tanatek} mail.tanatek.com :{mail.tanatek.com tanatek.com Alias /home/tanatek/public_html tanatek}]: The Let’s Encrypt HTTP challenge failed: acme error ‘urn:acme:error:connection’: Could not connect to tanatek.com , aborting
My web server is (include version):
Apache 2.4.25 (cPanel)
The operating system my web server runs on is (include version): CentOS 6
I can login to a root shell on my machine (yes or no, or I don’t know): Yes I have full root access
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): cPanel
I can also ping 66.133.109.36 and firewall is disabled but still the same, the domain is pinging as well from the server itself.
Hi @zwt
You have an IPV6 Address on your domain. Search this forum as their has been quite a bit of discussion about this recently.
Andrei
zwt
May 24, 2017, 12:38pm
#3
Yes that was it. Disabling IPV6 temporary allowed LetsEncrypt to proceed with the SSL renewal, thank you!
zwt
June 23, 2017, 7:41am
#4
Do we have a resolution for this problem yet? This is quite annoying especially on a cPanel server with hundreds of domains.
schoen
June 23, 2017, 5:54pm
#5
@zwt , you might want to ask on the cPanel forums at
The cPanel Community Support Forums are most helpful to cPanel Server Administrators running cPanel Powered Servers looking to stay on top of the latest news, views and tips for cPanel @ WHM software. Troubleshooting tips, Developer Forums, Feature...
or maybe ask @benny who’s also a member of this forum.
zwt
June 24, 2017, 6:16am
#6
The problem is with LetsEncrypt itself not related to cPanel. For some reason if a domain has both ipv4 and ipv6 records the renewal fails since LetsEncrypt servers can’t connect to the domains. @benny can you advise here?
thank you
The solution is to have IPV6 records pointing to valid servers and having listeners for IPV6 on those servers
Andrei
zwt
June 25, 2017, 2:15pm
#8
hm weird indeed, ok it was my fault. sorry. All looks smooth now
system
July 25, 2017, 2:16pm
#9
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
