Webroot renewal stopped working

gsong · January 20, 2018, 7:15pm

My domain is:

I ran this command:

letsencrypt renew

It produced this output:

   Domain: secretsauceagency.com
   Type:   connection
   Detail: Fetching http://secretsauceagency.com/.well-known/acme-
   challenge/zpKE_0GiIWoPSs5aXWc5_DoTc1pLMYCFTxAGKwS-ink: Timeout

My web server is (include version):

nginx 1.13.8

The operating system my web server runs on is (include version):

Docker container (Alpine)

My hosting provider, if applicable, is:

Linode

I can login to a root shell on my machine (yes or no, or I don’t know):

Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

No

The renewal process has been working smoothly for more than a year now, but all of a sudden it stopped working for this specific domain. Other domains on the same server are all fine, with the most recent renewal at 2018-01-16T06:06Z.

Port 80 is open to the world and wget http://secretsauceagency.com/.well-known/hello.txt fetches the file properly. I also see that the CLI creates the acme-challenge file during the renewal process.

With the exact same setup, www.secretsauceagency.com renewed on 2018-01-10T18:08Z.

Any ideas?

sahsanu · January 20, 2018, 7:48pm

Hi @gsong,

I’m using my smartphone so my answer will be short. The difference between www and non-www domain is that you have defined an IPv6 address for non-www domain but it is not working. Fix your IPv6 conf or remove AAAA record for secretsauceagency.com domain.

Cheers,
sahsanu

gsong · January 21, 2018, 12:09am

@sahsanu Thank you for the quick reply. I’ve straightened out the ipv6 conf (totally forgot about that with the migration to Docker). Once DNS propagation happens, I’ll check again.

mnordhoff · January 21, 2018, 1:06am

Let's Encrypt does minimal DNS caching. You can try again as soon as the authoritative DNS servers have been updated.

gsong · January 21, 2018, 1:32am

Just tested and everything is . Thank you both for your quick response, @sahsanu and @mnordhoff.

schoen · February 14, 2018, 5:35pm

A post was split to a new topic: Check if site is working properly

system · March 16, 2018, 5:35pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.