I know I have found this topic elsewhere but could not find an answer that would actually explain it.
Since yesterday I am trying to issue a certificate for a new domain. The DNS records are set to point to the server since yesterday morning. When I try to resolve it against the authoritative NS they return correct address. Same with google DNS. But letsencrypt still tries to connect to old servers for no reason.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: code-heart.top
  Type: unauthorized
  Detail: Invalid response from
  http://code-heart.top/.well-known/acme-challenge/oQITJryqyg8XdZ33lmjfKDO48Kr__A8qUUpZ8lmm0ig:
  "

  404 Not Found

  404 Not Found

  ---

  "

  Domain: www.code-heart.top
  Type: unauthorized
  Detail: Invalid response from
  http://www.code-heart.top/.well-known/acme-challenge/b148ud9PESdxDm3Koywl046hTItc4FVkX4EUjl9iJ3k:
  "

  404 Not Found

  404 Not Found

  ---

  "

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address.

==============================================================
dig @8.8.8.8 www.code-heart.top +short
188.120.194.22

which is correct one. The authoritative namservers return the same address. Though letsencrypt still fails.

Thank you for your help

Your domain has IPv6 address record (AAAA) set:

$ dig aaaa www.code-heart.top +short         
2001:1568::14

Let’s Encrypt VA servers prefer IPv6 over IPv4. If you are not using IPv6 for your server, you should remove this record, as your IPv6-enabled visitors will be directed to the wrong site (and you won’t be able to fulfil HTTP-01 or TLS-SNI-01 challenge).

Thank you very much!!
Have a nice day

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.