I am trying to install letsencrypt for hage.vegafjord.me using freedombox, but get an error message. I received a log, but I don't understand its content.
Expected Results
Expect to get a certificate.
Actual results
An error message.
Screenshot
Screenshots on my cloud, because I couldn't add them to this post:
I also have another screenshot displaying the message shown in the freedombox.
Information
Device: Pioneer Freedombox
My web server is (include version): Freedombox (don't know how to check version)
The operating system my web server runs on is (include version): Debian v11.2
My domain is: https://hage.vegafjord.me
My hosting provider, if applicable, is: myself
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): unsure
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): unsure
Why? From the screenshots it seems your client is using the http-01 challenge, so the IP address needs to be public for the challenge to be validated anyway...
To obtain a certificate for a certain hostname, Let's Encrypt needs to know the requesting party is actually the owner of that hostname, so a challenge needs to be performed. See How It Works - Let's Encrypt for more info about that. One of the three possible challenges (see Challenge Types - Let's Encrypt for info about those three challenge types) is the http-01 challenge, which requires a (HTTP) connection from the LE validation servers to a webserver running on the host.
To make that HTTP connection, it's obviously necessary for LE to be able to resolve the hostname to an IP address. Without the IP address, no HTTP connection. So your hostname needs to be publicly resolvable to the correct IP address of the host.
I can't reach 2a01:799:3da:6c00:a317:99b5:caa2:78b6 in any way (ping, port 80, port 443). Does that host accept incoming connections from the internet?
(I realise now that your host is IPv6 only, which is fine, but I didn't notice that so I didn't try a dig for the AAAA record. Now I see the hostname can resolve to the AAAA record indeed. Due to DNS your IP address was public anyway, so redacting it was useless to begin with.)
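The two preconditions for http-01 described in the replies above (the hostname resolves publicly, and the resolved address accepts connections on port 80) can be checked before requesting a certificate. The following is an added example, not part of the original thread and not FreedomBox or Certbot code; the function names `resolve`, `tcp_open` and `preflight` are hypothetical, and the resolver and connector are injectable so the logic can be exercised without network access.

```python
import ipaddress
import socket


def resolve(hostname, port=80):
    """Return the unique A/AAAA addresses the system resolver gives for hostname."""
    infos = socket.getaddrinfo(hostname, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def tcp_open(address, port=80, timeout=5.0):
    """True if a TCP connection to address:port succeeds from this machine."""
    try:
        with socket.create_connection((address, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(hostname, resolver=resolve, connector=tcp_open):
    """Report, per resolved address, whether an http-01 validator could reach it.

    Returns a list of (address, family, status) tuples; an empty list means
    the hostname did not resolve at all.
    """
    try:
        addresses = resolver(hostname)
    except socket.gaierror:
        addresses = []
    report = []
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if not ip.is_global:
            # Private, link-local or documentation ranges are unreachable from outside.
            status = "not publicly routable"
        elif connector(addr, 80):
            status = "port 80 reachable"
        else:
            status = "port 80 unreachable"
        report.append((addr, "IPv6" if ip.version == 6 else "IPv4", status))
    return report


if __name__ == "__main__":
    import sys
    for row in preflight(sys.argv[1] if len(sys.argv) > 1 else "localhost"):
        print(*row, sep="\t")
```

Run it from a machine outside the network hosting the server; a connection that succeeds from inside the same LAN says nothing about whether a router or firewall admits inbound traffic from the internet.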