Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):
Apache/2.4.38 (Debian)

The operating system my web server runs on is (include version):
Debian GNU/Linux 9 (stretch)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

Hi @kmc


is your job. Fix it.

And not only differences between your ip addresses, again Grade Q - - http over port 443.


Host Type IP-Address is auth. ∑ Queries ∑ Timeout A Roubaix/Hauts-de-France/France (FR) - OVH ISP Hostname: yes 1 0
AAAA 2001:41d0:301::29 Gravelines/Hauts-de-France/France (FR) - OVH SAS yes

like these ip addresses have different machines.

Yep, one has a Grade W, the other Grade N:

SendFailure - The underlying connection was closed: An unexpected error occurred on a send.

• https://[2001:41d0:0301:0000:0000:0000:0000:0029]/
Inline-JavaScript (∑/total): 1/34 Inline-CSS (∑/total): 1/3020	404
Html is minified: 260,66 %	3.400
Not Found

My bind config mentions only one IP address: 3600 A
mail 3600 A
www 3600 A 3600      CAA       0 issue "" 3600      MX    10 3600      NS 3600      NS 3600      TXT        "v=spf1 mx a ~all"

Could that be an ipv6 configuration problem on the whole server ?

This is indeed an IPv6 configuration issue.
The error message indicates that your IPv4 and IPv6 records served different content, so it’s most likely a misconfigured webserver or wrong IPv6 address.

That doesn’t look relevant. is your name server, there are AAAA records.

If you don’t have a working webserver or if the AAAA goes to another machine, remove that AAAA record.

Checking your domain Letsencrypt prefers ipv6, so that blocks creating certificates.

See, Status 302 2001:41d0:301::29, Status 200
	configuration problem - different ip addresses with different status

and the check of /.well-known/acme-challenge/random-filename:

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404
Html is minified: 100,00 %	0.047
Not Found
Visible Content: Not Found The requested URL was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Apache/2.4.38 (Debian) Server at Port 80

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404
Html is minified: 100,00 %	0.053
Not Found
Visible Content: Not Found The requested URL was not found on this server.

There is the http status the same (both 404). But different answers. Looks like answers from different machines.

I understand now. I forgot that I had delegated DNS server to OVH’s default servers dns20 and was lookinng on the bad DNS server.

I deleted the AAAA field and it works now

Thanks a lot

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.