Timeout on certification creation behind IPv6 and IPv4 ADSL box

Even if I agree that the current situation of the Freebox (Free’s ADSL box) users are not the best one. I do not understand why @schoen said that the DNS record of the Freebox is not valid. The Freebox supports and uses the IPv6 for its own need and allow the users to configure an IPv4 NAT for his private network.

As far as I can see, the workaround use case is supported in Internet to allow IPv4 and IPv6 coexistence. I think this is why the web browsers (like Firefox, Chrome, etc) are able to resolve the DNS record of the Freebox.

Moreover, I do not understand the answer asking to Let’s Encrypt users to go back on their access provider for changing their network architecture. This is not the problem and certainly not the solution.

With the current Freebox architecture, if Let’s encrypt does not want to fallback on the IPv4 address if the server is not reachable on its IPv6 address, the solution is to create a domain name for its private IPv4 network and use an external DNS service to bind the domain to the IPv4 address of the Freebox.

I still thinking that Certbox and Let’s Encrypt are respectively a great application and service. But it’s a shame if Let’s Encrypt does not want to support dual public IP versions. The Freebox users are no more able to use the Freebox domain for managing their own services with Let’s Encrypt.

Many thanks to everyone who responded to my issue.

Just the conclusion in French:
Il n’est plus possible d’utiliser le nom de domaine de la Freebox pour gérer son raiseau privé avec Let’s Encrypt.
Let’s Encrypt ne supporte plus l’adresse IPv4 publique de la Freebox car elle a aussi une adresse IPv6 publique.

1 Like

This is only true if the IPv6 address is not publicly reachable. We issue thousands of certificates every day to people whose devices have both IPv4 and IPv6 addresses! We connect to them over IPv6 and validate their control over their domain names.

1 Like

Thank you @schoen for your clarification. I updated my post.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.