Problem with the let's encrypt certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo certbot certonly --agree-tos --email --webroot -w /var/lib/letsencrypt/ -d -d

It produced this output: To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

My web server is (include version): Ubuntu

The operating system my web server runs on is (include version): Ubunto 20.04

My hosting provider, if applicable, is: Contabo

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I do not know

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): I do not understand the questions?

1 Like

Hi @joeusai, and welcome to the LE community forum :slight_smile:

These seems unrelated:

Please start by showing the following output:
apachectl -S

1 Like

Also, these names resolve to somewhat different IPs (one also has IPv6):

Addresses: 2a02:c207:2037:241::1



1 Like

Hello, thank you for your welcome. I am using nginx and not apache.


What should I do with these IP addresses. I'm sorry to ask this question. But this is my first time using Lets encrypt.

@rg305 I do not understand the addresses that you presented in 3rd and 4th position.

1 Like

You showed two different domains in your opening post.

The first domain ( has an IPv6 address for the base name.
[LE prefers IPv6 over IPv4 when present and may be part of the problem with obtaining a cert]
And ,for IPv4, it shows: Server: Werkzeug/0.16.1 Python/3.8.5
So it is difficult to tell if it is running Apache or NGINX.
[for IPv6, it fails to connect - again, likely the problem with obtaining a cert for that name]

The second domain ( - shown in the command line) has one IP for the base name and another IP for the www name.
And they show:

Server: Apache
Server: Apache/2.4.10 (Debian)

So, which is the domain name you are asking for help with?


What site or software do you use to detect IP addresses?

root@vmi370241:~# hostname -I
root@vmi370241:~# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet netmask broadcast
inet6 fe80::250:56ff:fe3f:833b prefixlen 64 scopeid 0x20
ether 00:50:56:3f:83:3b txqueuelen 1000 (Ethernet)
RX packets 1430626 bytes 421634950 (421.6 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1077397 bytes 297038104 (297.0 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet netmask
loop txqueuelen 1000 (Local Loopback)
RX packets 393323 bytes 205518271 (205.5 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 393323 bytes 205518271 (205.5 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

I show you my results

1 Like

Then you are likely referring to the domain only.
I will avoid anything relating to the other domain ( from hereon out.


The problem you are having is likely due to the IPv6 address assigned to the base domain.
If that IPv6 address is not needed, you should remove it from DNS.


Here some different ways to find your IP(s)


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.