Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:baronhouse.com
I ran this command:certbot --nginx -d baronhouse.com -d www.baronhouse.com
It produced this output:
Domain: www.baronhouse.com
Type: unauthorized
Detail: 2600:3c08::f03c:95ff:fe70:2dc2: Invalid response from http://www.baronhouse.com/.well-known/acme-challenge/BS2ZUQsNJBU3dADuwexDy3ORFIGE4lxgT7Bix98v7Lo: 404
My web server is (include version): nginx/1.24.0
The operating system my web server runs on is (include version): Ubuntu 24.04
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):certbot 2.9.0
I was getting this error even though the IPv6 address was correctly pointing to baronhouse.com and www.baronhouse.com
The .well-known and acme-challenge folders were not created even after I added the following code to the domain's Nginx config file:
location ~ /.well-known/acme-challenge/ {
allow all;
}
I could only fix it by deleting the AAAA records for the domain.The SSL was generated and installed in the first attempt after removing these records.
Can anyone decipher why the error occurred though the AAAA records were present and why removing them enabled certbot to generate the SSL?