Apache website : An IPv6 DNS record doman.tld with address xxxxxxx exists, but this virtual server does not have IPv6 enabled

Steffan · October 17, 2023, 6:43pm

SYSTEM INFORMATION
OS type and version	CentOS 6
Webmin version	2.001
Virtualmin version	7.2 Pro
Related packages	SUGGESTED

I know the OS is old but it’s working and no time to update it however it is secure at least. I’ve been running into this error on and off for years. I do not enable IPv6 on any of my VMs and do not enable them in Virtualmin yet I seem to run into this error intermittently. I know my DNS servers do not have any IPv6 DNS records either. Is there an easy way to permanently fix this?

Validating configuration for my.domain.tld ..
.. errors were found, which will prevent Let's Encrypt from issuing a certificate :

* Apache website : An IPv6 DNS record www.my.domain.tld with address 2606:4700:20::xxxx:xxxx exists, but this virtual server does not have IPv6 enabled

Ilia · October 17, 2023, 7:10pm

Hello, Steffan!

You should either remove IPv6 from domain’s DNS or add IPv6 record to <VirtualHost> in Apache config.

Although, Virtualmin can do it for you using example.com - Server Configuration ⇾ Change IP Address page.

Steffan · October 17, 2023, 8:16pm

As stated, there are no IPv6 records in the DNS so I’m not sure how it claims there are. In the Change IP Address IPv6 isn’t even disaplayed as an option. I checked the VirtualHost in Apache and there are no IPv6 configurations there either. This is why I’m not sure what’s causing it.

Stegan · October 17, 2023, 8:29pm

you are asking LE to look for a www.domain.tld - these days that means LE will look for an AAAA record if there isn’t one it will fail. - answer is stop requesting it from LE or enable it (why not?0 these days it gets sort of taken for granted.

Steffan · October 17, 2023, 8:36pm

I noticed that it was asking for www.my.domain.tld when I overrode that by limiting it to only my.domain.tld and excluding the www. Odd for sure!

Stegan · October 17, 2023, 8:39pm

Are your DNS on the Virtualmin or external at the box provider?

Steffan · October 17, 2023, 8:42pm

For this domain, it’s using my DNS servers via Cloudmin Services. I went into my DNS server zone files and verified there are no IPv6 records.

Stegan · October 17, 2023, 8:44pm

Sorry (I know nothing about that, so I’ll be away - good lick)

Steffan · October 17, 2023, 8:59pm

It’s nothing more than distributed services. Rather than having DNS running on the virtual server, it’s just running on another machine.

Stegan · October 17, 2023, 9:55pm

and you are certain that machine is not providing a AAAA or LE thinks it is

Steffan · October 18, 2023, 5:46am

Absolutely certain. I have repeatedly checked the zone files in search of a solution.

kennethgeets · October 18, 2023, 7:54am

perhaps a stupid question, but have you tried DNS-resolving the domain name (with or without www) from a remote location to see what gets returned as a result? It might be that the Cloudmin Server has an IPv6 address and (for some reason) automatically adds this as an AAAA-record or something? I don’t know Cloudmin so I’m just guessing, but that IPv6 address is coming from somewhere.

stefan1959 · October 18, 2023, 7:56am

You not using cloudflare at all, I seen a issue with it giving a ip6 address. can you do a reverse lookup on the IP6 address Lets Encrypt is complaining about?

Ilia · October 18, 2023, 3:14pm

Perhaps there are IPv6 set in glue records, i.e. your registrar?

system · December 17, 2023, 3:15pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.