Apache website : An IPv6 DNS record doman.tld with address xxxxxxx exists, but this virtual server does not have IPv6 enabled

OS type and version CentOS 6
Webmin version 2.001
Virtualmin version 7.2 Pro
Related packages SUGGESTED

I know the OS is old but it’s working and no time to update it however it is secure at least. I’ve been running into this error on and off for years. I do not enable IPv6 on any of my VMs and do not enable them in Virtualmin yet I seem to run into this error intermittently. I know my DNS servers do not have any IPv6 DNS records either. Is there an easy way to permanently fix this?

Validating configuration for my.domain.tld ..
.. errors were found, which will prevent Let's Encrypt from issuing a certificate :

* Apache website : An IPv6 DNS record www.my.domain.tld with address 2606:4700:20::xxxx:xxxx exists, but this virtual server does not have IPv6 enabled

Hello, Steffan!

You should either remove IPv6 from domain’s DNS or add IPv6 record to <VirtualHost> in Apache config.

Although, Virtualmin can do it for you using example.com - Server Configuration ⇾ Change IP Address page.

As stated, there are no IPv6 records in the DNS so I’m not sure how it claims there are. In the Change IP Address IPv6 isn’t even disaplayed as an option. I checked the VirtualHost in Apache and there are no IPv6 configurations there either. This is why I’m not sure what’s causing it.

you are asking LE to look for a www.domain.tld - these days that means LE will look for an AAAA record if there isn’t one it will fail. - answer is stop requesting it from LE or enable it (why not?0 these days it gets sort of taken for granted.

I noticed that it was asking for www.my.domain.tld when I overrode that by limiting it to only my.domain.tld and excluding the www. Odd for sure!

Are your DNS on the Virtualmin or external at the box provider?

For this domain, it’s using my DNS servers via Cloudmin Services. I went into my DNS server zone files and verified there are no IPv6 records.

Sorry (I know nothing about that, so I’ll be away - good lick)

It’s nothing more than distributed services. Rather than having DNS running on the virtual server, it’s just running on another machine.

and you are certain that machine is not providing a AAAA or LE thinks it is

Absolutely certain. I have repeatedly checked the zone files in search of a solution.

perhaps a stupid question, but have you tried DNS-resolving the domain name (with or without www) from a remote location to see what gets returned as a result? It might be that the Cloudmin Server has an IPv6 address and (for some reason) automatically adds this as an AAAA-record or something? I don’t know Cloudmin so I’m just guessing, but that IPv6 address is coming from somewhere. :slight_smile:

You not using cloudflare at all, I seen a issue with it giving a ip6 address. can you do a reverse lookup on the IP6 address Lets Encrypt is complaining about?

Perhaps there are IPv6 set in glue records, i.e. your registrar?

1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.