my ISP, IMU 222222222
My ISP, IMU
I don’t know what they did, they say they did nothing at all
Do you know how I get it back, I might of messed somthing up, but Idk
This is a forum about Letsencrypt certificate related issues.
Your issue now is completely unrelated.
I would reboot the router.
Then reboot the server.
If it still fails to get an IPv6 address, you need to speak with your ISP.
ok, thank you. I will do that
I am having the same issues, and I got ipv6 working
I have had this issue before Timeout during connect (likely firewall problem) Apache2 Ubunut 20.04 server
My domain is: Sturtz.ml
I ran this command:
Certbot
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Enter email address (used for urgent renewal and security notices)
(Enter 'c' to cancel): nate.sturtz@sturtz.ml
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf. You must
agree in order to register with the ACME server at
https://acme-v02.api.letsencrypt.org/directory
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(A)gree/(C)ancel: A
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Would you be willing, once your first certificate is successfully issued, to
share your email address with the Electronic Frontier Foundation, a founding
partner of the Let's Encrypt project and the non-profit organization that
develops Certbot? We'd like to send you email about our work encrypting the web,
EFF news, campaigns, and ways to support digital freedom.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
(Y)es/(N)o: N
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: sturtz.ml
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for sturtz.ml
Enabled Apache rewrite module
Waiting for verification...
Challenge failed for domain sturtz.ml
http-01 challenge for sturtz.ml
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: sturtz.ml
Type: connection
Detail: Fetching
http://sturtz.ml/.well-known/acme-challenge/nj60I2FThSOzVbNw2WB92yCGVFY4USLEXxciHDMSJOI:
Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
My web server is (include version):
Apache/2.4.41 (Ubuntu)
The operating system my web server runs on is (include version):
Ubuntu 20.04
My hosting provider, if applicable, is:
Self hosting
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
certbot 1.7.0
Your domain only has an AAAA resource record and there is no connectivity possible to your IPv6 address. Please check your IPv6 connectivity (just like in the previous topic).
Well, as your site is only accessible through IPv6, that's obviously a big problem. Restore your IPv6 connectivity and you'll resolve your certbot issue.
Ok, I don’t know how to though.
I’m going to have to refer to @rg305 in your previous thread unfortunately. This isn’t a generic networking troubleshooting Community I’m afraid. You’ve got much bigger problems than a TLS certificate at the moment: your site in general isn’t accessible.
I got the IPv6 issues fixed now I am still having the same issue with certbot. IPv6 is working
It's not working.
http://[2604:99c0:8:2fe6:d9b8:a6c8:92ba:2f07]/
Timeout, no answer.
Please use online tools to check that.
The new ip address
out put is
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:23:24:08:58:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.8/24 brd 192.168.1.255 scope global dynamic noprefixroute enp0s25
valid_lft 85856sec preferred_lft 85856sec
inet6 fe80::223:24ff:fe08:581f/64 scope link
valid_lft forever preferred_lft forever
3: ens2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:1b:21:bf:e7:28 brd ff:ff:ff:ff:ff:ff
inet 169.254.38.166/16 brd 169.254.255.255 scope link noprefixroute ens2
valid_lft forever preferred_lft forever
inet6 2604:99c0:8:2fe6:79d7:6cde:235d:c8bf/64 scope global temporary dynamic
valid_lft 43188sec preferred_lft 26988sec
inet6 2604:99c0:8:2fe6:21b:21ff:febf:e728/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 43188sec preferred_lft 26988sec
inet6 fe80::21b:21ff:febf:e728/64 scope link noprefixroute
valid_lft forever preferred_lft forever
I got a new ip addresss,
IPv6 address for ens2: 2604:99c0:8:2fe6:9539:d97a:23d0:990c
IPv6 address for ens2: 2604:99c0:8:2fe6:21b:21ff:febf:e728
I do not know why there is two but I have tried both.
netstat -plant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 873/named
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN 966/tor
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 946/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1479/perl
tcp 0 0 169.254.38.166:53 0.0.0.0:* LISTEN 873/named
tcp 0 0 192.168.1.8:53 0.0.0.0:* LISTEN 873/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 873/named
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 755/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1320/sshd: /usr/sbi
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 771/cupsd
tcp 0 196 192.168.1.8:22 192.168.1.6:49682 ESTABLISHED 1412/sshd: nsturtz
tcp 0 0 192.168.1.8:50536 46.4.49.62:9002 ESTABLISHED 966/tor
tcp6 0 0 ::1:953 :::* LISTEN 873/named
tcp6 0 0 :::443 :::* LISTEN 1336/apache2
tcp6 0 0 :::80 :::* LISTEN 1336/apache2
tcp6 0 0 fe80::223:24ff:fe08::53 :::* LISTEN 873/named
tcp6 0 0 ::1:53 :::* LISTEN 873/named
tcp6 0 0 :::22 :::* LISTEN 1320/sshd: /usr/sbi
tcp6 0 0 ::1:631 :::* LISTEN 771/cupsd
tcp6 0 1 2604:99c0:8:2fe6::45142 2604:99c0:4:12::71:53 SYN_SENT 755/systemd-resolve
sudo lsof -iTCP -sTCP:LISTEN -P
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
systemd-r 755 systemd-resolve 13u IPv4 26099 0t0 TCP localhost:53 (LISTEN)
cupsd 771 root 7u IPv6 30989 0t0 TCP ip6-localhost:631 (LISTEN)
cupsd 771 root 8u IPv4 30990 0t0 TCP localhost:631 (LISTEN)
named 873 bind 22u IPv4 30300 0t0 TCP localhost:953 (LISTEN)
named 873 bind 26u IPv4 30129 0t0 TCP localhost:53 (LISTEN)
named 873 bind 27u IPv4 30129 0t0 TCP localhost:53 (LISTEN)
named 873 bind 28u IPv4 30129 0t0 TCP localhost:53 (LISTEN)
named 873 bind 32u IPv6 30749 0t0 TCP ip6-localhost:53 (LISTEN)
named 873 bind 33u IPv6 30749 0t0 TCP ip6-localhost:53 (LISTEN)
named 873 bind 34u IPv6 30749 0t0 TCP ip6-localhost:53 (LISTEN)
named 873 bind 35u IPv6 30301 0t0 TCP ip6-localhost:953 (LISTEN)
named 873 bind 38u IPv6 30520 0t0 TCP [fe80::223:24ff:fe08:581f]:53 (LISTEN)
named 873 bind 39u IPv6 30520 0t0 TCP [fe80::223:24ff:fe08:581f]:53 (LISTEN)
named 873 bind 40u IPv6 30520 0t0 TCP [fe80::223:24ff:fe08:581f]:53 (LISTEN)
named 873 bind 45u IPv4 30704 0t0 TCP sturtz001:53 (LISTEN)
named 873 bind 46u IPv4 30704 0t0 TCP sturtz001:53 (LISTEN)
named 873 bind 47u IPv4 30704 0t0 TCP sturtz001:53 (LISTEN)
named 873 bind 50u IPv4 32956 0t0 TCP sturtz001.local:53 (LISTEN)
named 873 bind 51u IPv4 32956 0t0 TCP sturtz001.local:53 (LISTEN)
named 873 bind 52u IPv4 32956 0t0 TCP sturtz001.local:53 (LISTEN)
mysqld 946 mysql 26u IPv4 31345 0t0 TCP localhost:3306 (LISTEN)
sshd 1320 root 3u IPv4 34564 0t0 TCP *:22 (LISTEN)
sshd 1320 root 4u IPv6 34566 0t0 TCP *:22 (LISTEN)
apache2 1336 root 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 1336 root 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
miniserv. 1479 root 5u IPv4 37015 0t0 TCP *:10000 (LISTEN)
apache2 2191 www-data 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 2191 www-data 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
apache2 2192 www-data 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 2192 www-data 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
apache2 2193 www-data 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 2193 www-data 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
apache2 2194 www-data 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 2194 www-data 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
apache2 2195 www-data 4u IPv6 34789 0t0 TCP *:80 (LISTEN)
apache2 2195 www-data 6u IPv6 34793 0t0 TCP *:443 (LISTEN)
apachectl -S
[Wed Sep 02 09:59:25.899811 2020] [core:error] [pid 2259] (EAI 2)Name or service not known: AH00547: Could not resolve host name *: -- ignoring!
[Wed Sep 02 09:59:25.899951 2020] [core:error] [pid 2259] (EAI 2)Name or service not known: AH00547: Could not resolve host name *: -- ignoring!
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80 is a NameVirtualHost
default server sturtz.ml (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost sturtz.ml (/etc/apache2/sites-enabled/000-default.conf:1)
port 80 namevhost cloud.sturtz.ml (/etc/apache2/sites-enabled/cloud.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex ssl-stapling: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33
The out put I get from certbot
is
Plugins selected: Authenticator apache, Installer apache
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: sturtz.ml
2: cloud.sturtz.ml
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for cloud.sturtz.ml
http-01 challenge for sturtz.ml
Waiting for verification...
Challenge failed for domain cloud.sturtz.ml
Challenge failed for domain sturtz.ml
http-01 challenge for cloud.sturtz.ml
http-01 challenge for sturtz.ml
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: cloud.sturtz.ml
Type: connection
Detail: Fetching
http://cloud.sturtz.ml/.well-known/acme-challenge/a5xmyvF4-GcxjiNnl-fo_jiVuGoniwIwubkoFD63xQ8:
Timeout during connect (likely firewall problem)
Domain: sturtz.ml
Type: connection
Detail: Fetching
http://sturtz.ml/.well-known/acme-challenge/uqLWHSnLvl6T_aqioj4wMvFhM7tftTk3RVsTa0FnhFI:
Timeout during connect (likely firewall problem)
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
I had to make a new topic because this was way to long, and all the information was out dated, I have new IP address, among other things.
Please use this topic