Cert is due for renewal, auto-renewing...
Plugins selected: Authenticator nginx, Installer nginx
Simulating renewal of an existing certificate for sebastiandetering.com
Performing the following challenges:
http-01 challenge for sebastiandetering.com
Waiting for verification...
Challenge failed for domain sebastiandetering.com
http-01 challenge for sebastiandetering.com
Cleaning up challenges
Failed to renew certificate sebastiandetering.com with error: Some challenges have failed.
The following simulated renewals succeeded:
/etc/letsencrypt/live/peertube.sebastiandetering.com/fullchain.pem (success)
The following simulated renewals failed:
/etc/letsencrypt/live/sebastiandetering.com/fullchain.pem (failure)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
That's the easiest part to check: check if the IPv4 and IPv6 addresses resolved by DNS are actually the IP addresses of the server. If that's the case, then DNS is not the issue. If that's not the case, then DNS is an issue. (Maybe not THE issue though, there may be more issues elsewhere.)
Chances are it's a misconfiguration in your webserver as @rg305 and @9peppe also already pointed out.
I am almost certain the rails server is not listening on IPv6 since I did no setup on that end.
root@vultr:~# cat /etc/nginx/sites-enabled/rails-demo
upstream rails-demo {
server unix:/home/rails-demo/app/shared/unicorn.sock fail_timeout=0;
}
server {
server_name sebastiandetering.com;
root /home/rails-demo/app/current/public;
location /assets/ {
gzip_static on; # serve pre-gzipped version
expires 1M;
add_header Cache-Control public;
}
location / {
try_files $uri @app;
}
location @app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://rails-demo;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/sebastiandetering.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/sebastiandetering.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
#server {
# listen 80;
# server_name www.sebastiandetering.com;
# return 301 http://$host$request_uri;
#
#}
server {
if ($host = sebastiandetering.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name sebastiandetering.com;
return 404; # managed by Certbot
}
Above is my nginx config for the rails-demo server.
Does anyone know how to get this set up correctly, or if I dont want to deal with IPv6, a way to just disable it altogether?