Error: Let's Encrypt validation status 400 (domain.com). Details: Unable to update challenge :: authorization must be pending

Hi there, I am getting this message when the auto-renew SSL cron runs:

Error: Let’s Encrypt validation status 400 (domain.com). Details: Unable to update challenge :: authorization must be pending

I have Cloudflare proxy enabled in that domain. Is there a way to fix this issue (without having to disable Cloudflare proxy, renew the SSL cert manually, and enable it again)?

Check
https://docs.hestiacp.com/admin_docs/web/ssl_certificates.html

Hey eris, so I’ve got this error message:

“detail”: “During secondary validation: {IPv6}: Invalid response from http://www.mydomain.com/.well-known/acme-challenge/{random-string}: 403”,

I read the docs and it says: IPv6 is setup. Disable IPV6 in DNS

Is it that HestiaCP can’t handle IPv6 SSL certs or is it Let’s Encrypt?

Hestia doesnt support ipv6 yet.

Understood! Any plans about when this is going to be supported? Nowadays over 40% of the people use IPv6 when accessing Google: IPv6 – Google

It is on our planned to do list

1 Like

Found out, the problem was with some Firewall rules I had in Cloudflare, that blocked Let’s Encrypt IPs from querying the domains. Solved that, except for those domains that redirect to other domains, which still are showing problems.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.