I'm having a problem when I check the SSL on one of my domains

danwtsa · February 5, 2024, 6:41pm

SYSTEM INFORMATION
OS type and version	Ubuntu Linux 22.04.3
Webmin version	2.105
Virtualmin version	7.9.0
Related packages	SUGGESTED

I have several domains running on this server and when I check the SSL for validity all of them seem to work just fine except for one! I think I have all the settings the same on them… but It’s also possible I may have accidentally made a mistake!

Here is the error I get when I run the SSL Verification on this domain…
stjohnscatfishfest.com (38.40.66.166) has the correct chain.

stjohnscatfishfest.com (2606:9cc0:300:d1:20c:29ff:fe53:b4c2): No route to host

What can I do to fix the error? Should I create a new secure certificate? ShowsI change a setting?

Dan Lewis

stefan1959 · February 5, 2024, 7:35pm

IPv6 not working remove the AAAA record and disable IPv6 for the virtual server and try again.

popmay · February 5, 2024, 10:18pm

your domain AAAA record in viewdns. com shows 2606:9cc0:300:2de:20c:29ff:fe53:b4c2
not 2606:9cc0:300:d1:20c:29ff:fe53:b4c2

so set wrong somewhere

danwtsa · February 6, 2024, 12:50pm

Do you have any idea where I can fix this?

jimr1 · February 6, 2024, 1:01pm

depends where your dns records are maintained, do you use webmin/virtualmin or a 3rd party dns server ?

danwtsa · February 6, 2024, 1:12pm

I’m using another domain on tge same server as a name server

jimr1 · February 6, 2024, 1:48pm

and tge is what ?

danwtsa · February 6, 2024, 3:00pm

Sorry… I was using my phone and it sometimes winds up making weird responses!

jimr1 · February 6, 2024, 3:01pm

so what should ‘tge’ say ?

danwtsa · February 6, 2024, 3:02pm

As I said… I’m using one of my domains as a nameserver. Every other domain on that server is correct and they are all using the same nameserver. So I have no idea where the problem may be. Should I reissue the SSL? Could the problem be there?

jimr1 · February 6, 2024, 3:19pm

you have a problem with the wrong IPV6 address, you need to correct that which will be done at the DNS server (where ever it is).
If virtualmin is maintaining your dns, it will be a case of just adjusting that record to suit the correct IPV6 address with in the virtualmin GUI if not you need to edit the record at where ever the DNS is maintained.
getting a new cert will not help you in this case, editing the DNS records will

danwtsa · February 6, 2024, 3:27pm

Virtualmin is maintaining my DNS. And in the DNS Settings it says the IPv6 address is: 2606:9cc0:300:2de:20c:29ff:fe53:b4c2 the DNS tester is picking up 2606:9cc0:300:d1:20c:29ff:fe53:b4c2 which in the “Allowed Sender” area. Should I change the address in the allowed sender area to 2606:9cc0:300:2de:20c:29ff:fe53:b4c2

danwtsa · February 6, 2024, 3:28pm

Can I have multiple DNS numbers in the allowed sender area? I noticed that happens when I have subdomains

danwtsa · February 6, 2024, 3:44pm

Should I just eliminate all the IP6 entries in the DNS

popmay · February 6, 2024, 7:39pm

Start with what is the IPv6 supplied with your host. That is the number to use. Do they supply more than one IPv6?

I noticed your other domains on 38.40.66.166 have different variations of that IPv6 number.

My VPS host only provides one IPv4 and one IPV6 so that is all I have to deal with.

system · April 6, 2024, 7:40pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.