Apache found DNS ipv6 record - where? causing lets encrypt failure

| SYSTEM INFORMATION||

| OS type and version | Ubuntu 24.04.1 Pro
| Webmin version | Webmin 2.202
| Virtualmin version | Version 7.30.3 Pro
| Webserver version | Apache version 2.4.58
| Related packages | no packages changed from virtualmin pro install

Get the following error … seems to be a DNS error somewhere that I cannot figure out where it is located or how to delete or edit it … not in my (ZoneEdit) DNS registrar account (no IPv6) and IP v6 is not supported by my ISP

Validating configuration for [all virtual server names]
… errors were found, which will prevent Let’s Encrypt from issuing a certificate :

Apache website : An IPv6 DNS record 'text removed' exists, but this virtual server does not have IPv6 enabled 

What function is finding this IPv6 record, and how can I manage it to prevent using IPv6?

Resolved? I got rid of the error message and got Lets Encrypt to issue a certificate a few minutes ago.

I had put google.com and bing.com in the ‘Search domains’ field of the Hostname and DNS Client page found within Webmin > Networking menu.

I found that the portion of the ‘text removed’ from my original post contain a string that looked almost like an IP v6 address … but it turned out to be a domain name belonging to Microsoft and used for bing.com

So I went back to the ‘Search domains’ field and set it back to ‘none’ and erased the two entries that I had put into it before … rebooted the server and tried Lets Encrypt again … and it worked.

Well, I learned a bit more about Virtualmin today. Not quite the way I wanted to, this took me several hours to get it to work.

That doesn’t make sense. That’s for local domains that will be automatically appended when trying to resolve a non-fully qualified name, e.g. I might have host joe.virtualmin.com, and if virtualmin.com were in my search domains, I could just type ping joe and it would resolve to ping joe.virtualmin.com

But, if this is a hosting system at a hosting provider you should stay the heck out of the network configuration, you can only ever break things. Your hosting provider provides a configuration that works with their routing infrastructure, literally nothing is user serviceable about that configuration (except hostname, and even that doesn’t necessarily need to change, as long as it is fully qualified, and resolves correctly both forward and backward).

I am sure you are right. But, at the time I put those entries into the vitrualmin setup webpage box, I didn’t have any understanding of what they would be used for and I just guessed that something was required.

The problem with the lets encrypt failure citing an IP v6 address did go away when I removed those two entries. I thought somebody else would have and might still in the future make the same mistake … so I posted it for anyone else that happens to encounter the same problem.

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.