I am writing to formally raise a complaint regarding the inability to obtain an SSL certificate for my domain, elevated-marketing.net. Despite multiple attempts to install SSL using Let’s Encrypt, the authentication process fails, citing an "unauthorized response" and a failure to verify the ACME challenge.
Verified DNS records and confirmed that the domain points to the server correctly.
Checked and configured Nginx to serve ACME challenge files correctly.
Ensured firewall settings allow traffic on ports 80 and 443.
Attempted both the --nginx and --webroot methods for SSL installation.
Confirmed file permissions and web server accessibility.
Despite these measures, the SSL verification process continues to fail. I kindly request your technical team to investigate whether there are any restrictions, DNS misconfigurations, or server-level limitations that may prevent SSL installation on my .NET domain.
I appreciate your prompt assistance in resolving this matter, as SSL is critical for securing my website and ensuring user trust. Please provide any necessary guidance or action steps required from my end.
This is the Let's Encrypt Community, mostly used by volunteers like myself, not an official way of reaching out to the Let's Encrypt staff.
You might get better results in the Help section asking volunteers to help you with your situation instead of raising complaints As the snippet of info from the error message you have provided does not show any evidence of "restrictions, DNS misconfigurations, or server-level limitations" on Let's Encrypts side. It suggests incorrect configuration on the users end.
Futher more, I agree with what @griffin found: your server seems to be sending your website nicely to browsers over IPv4 using nginx, but over IPv6 it just responds with 404 file not found errors, served by the Google ghs webserver. And Let's Encrypt prefers IPv6 over IPv4, resulting in the error.
Please first fix your webserver so it works when IPv6 is prefered (either by fixing IPv6 or disabling it entirely, including removing the AAAA RRs in DNS) and try again.
Also, but that's personal:
Why this? Let's Encrypt issues more than 5 million certs daily and has a very small team to do so. And it's free of charge. Why this "complaint" with all the hasty notions? Let's Encrypt doesn't owe you anything. You're lucky we volunteers aren't that petty in that we wouldn't provide you with the solution to your problem despite the negative way you posted this thread.
Had you opened this thread in the Help section, you would have been provided with a questionnaire. All the answers to this questionnaire are required:
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
As the snippet of info from the error message you have provided does not show any evidence of "restrictions, DNS misconfigurations, or server-level limitations" on Let's Encrypts side. It suggests incorrect configuration on the users end.