Verify Ownership: Domain challenge failed... Timeout 400

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:
Error: Domain challenge failed. Please start back at Step 1. { “type”: “http-01”, “status”: “invalid”, “error”: { “type”: “urn:acme:error:connection”, “detail”: “Fetching Timeout”, “status”: 400 }, “uri”: “”, “token”: “beAj0S4KPKIVBHRBBwqe-K98oMvGkASt_2ir2mWDj6E”, “keyAuthorization”: “beAj0S4KPKIVBHRBBwqe-K98oMvGkASt_2ir2mWDj6E.QkI13M4P2eX421TNB5P8QEfYa7YHdAoXFIH3ItRx_ys”, “validationRecord”: [ { “url”: “”, “hostname”: “”, “port”: “80”, “addressesResolved”: [ “”, “2a01:4f8:10a:2c4f::2” ], “addressUsed”: “2a01:4f8:10a:2c4f::2”, “addressesTried”: [] } ] }

My web server is (include version):

The operating system my web server runs on is (include version):
37~16.04.1-Ubuntu SMP

My hosting provider, if applicable, is: na

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Hi @simmbiote,

As you can see, your domain resolves two ips (IPv4 and IPv6), while your site can be reached using IPv4:

$ curl -4ikL
HTTP/1.1 200 OK
Server: nginx/1.11.9
Date: Fri, 15 Sep 2017 18:23:02 GMT
Content-Type: application/octet-stream
Content-Length: 16
Last-Modified: Fri, 15 Sep 2017 15:16:02 GMT
Connection: keep-alive
ETag: "59bbeeb2-10"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes


it can't be reached using IPv6 address:

$ curl -6ikL
curl: (7) Failed to connect to port 80: Connection timed out

Let's Encrypt prefers IPv6 over IPv4 so you need to fix your IPv6 connectivity issues or remove the AAAA record for your domain.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.