Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
Let's encrypt works fine on other domain names. NOT on this one.
ALL domain names are registered on OVH. izitrek.net has a single IPV4 + single IPV6.
ALL other domain names have the same shared IPV4
My web server is (include version):
Debian 10 Plesk
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
OVH
I can login to a root shell on my machine (yes or no, or I don't know):
I don't know I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Plesk The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
AAAANotWorking
Error
izitrek.net has an AAAA (IPv6) record (2001:41d0:701:1000::234f) but a test request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address. You should either ensure that validation requests to this domain succeed over IPv6, or remove its AAAA record.
A timeout was experienced while communicating with izitrek.net/2001:41d0:701:1000::234f: Get "http://izitrek.net/.well-known/acme-challenge/letsdebug-test": dial tcp [2001:41d0:701:1000::234f]:80: i/o timeout
Trace:
@0ms: Making a request to http://izitrek.net/.well-known/acme-challenge/letsdebug-test (using initial IP 2001:41d0:701:1000::234f)
@0ms: Dialing 2001:41d0:701:1000::234f
@10000ms: Experienced error: dial tcp [2001:41d0:701:1000::234f]:80: i/o timeout
IssueFromLetsEncrypt
Error
A test authorization for izitrek.net to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
91.121.33.150: Fetching https://izitrek.net/.well-known/acme-challenge/9cNzMeeiduFYs92iouE1YOMXAOXCTtXBqXqiSI1srIk: Timeout during connect (likely firewall problem)
And this shows that IPv4 is open but IPv6 is filtered
Checking IPv4 Ports 80 & 443
>nmap -4 -Pn -p80,443 izitrek.net
Starting Nmap 7.94 ( https://nmap.org ) at 2024-08-29 22:45 UTC
Nmap scan report for izitrek.net (91.121.33.150)
Host is up (0.15s latency).
Other addresses for izitrek.net (not scanned): 2001:41d0:701:1000::234f
rDNS record for 91.121.33.150: ip150.ip-91-121-33.eu
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 1.22 seconds
Checking IPv6 Ports 80 & 443
>nmap -6 -Pn -p80,443 izitrek.net
Starting Nmap 7.94 ( https://nmap.org ) at 2024-08-29 22:45 UTC
Nmap scan report for izitrek.net (2001:41d0:701:1000::234f)
Host is up.
Other addresses for izitrek.net (not scanned): 91.121.33.150
PORT STATE SERVICE
80/tcp filtered http
443/tcp filtered https
Nmap done: 1 IP address (1 host up) scanned in 3.67 seconds
On izitrek.net SSH terminal, I prompted:
$ ip addr | grep inet6
Then got:
inet6 ::1/128 scope host
inet6 2001:41d0:701:1000::234f/56 scope global
inet6 fe80::f816:3eff:fe99:ed86/64 scope link
And
$ curl -6 ifconfig.me
Then got
curl: (7) Couldn't connect to server
Difficult for me to understand the meaning and decide what to do.
If your IPv6 doesn't work and it's too complicated for you to get it to actually work, you should probably disable IPv6 entirely, as otherwise you might get into strange issues when IPv6 somehow gets preference above IPv4.