IPv6 Error - SSL

|SYSTEM INFORMATION|| Debian 10
|OS type and version:|REQUIRED| Buster
|Webmin version:|REQUIRED| 1.981
**|Virtualmin version:|REQUIRED| 6.17-3 **
**|Related products version:|RECOMMENDED| **

Hello all,

I have strange situation and I don’t know how to solve this problem.

When I installed SSL Letsencyprt everything looks fine till I testing on SSL labs.
Site grade is A (IPv4), but for IPv6 no result …

Then I’ve test server again and I got this :

(x:xxx::xxx:xxxx:xxxx:8539): TLS handshake error: error:1408F10B:SSL routines:ssl3_get_record:wrong version number

In mean while I am trying to do debug link in Facebook debugger and I got this error

Curl error: 35 (SSL_CONNECT_ERROR)

Then I’ve created in subdomain new site and get a SSL Letsencrypt from Virtualmin.
Evertyhing was fine. I’ve checked in Facebook debbuger link, and it passed.

I’ve check in SSL labs and everythings fine.

It seems that from some reason SSL not reading IPv6 , i am not sure, but I suppose.
I would appreciate any help or guidance how to solve this issues

Thanks

Have you set up relevant AAA record(s) for your domain and subdomains as well as assign an ipv6 to your virtual server before requesting the cert?

Hi ,

Honestly, I don’t remember and I have to admit from reason I had to do things very fast, because site had a lot of visitis.
When you mention that now I think I’ve made mistake exactly on that point.

When I do migrated from one IP address (VPS server) to another I forgot to delete domain A/AAAA records on hosting from that IP address.
While I was waiting for DNS propagation probably somethings happend on this two IP address in same time, because I had SSL on that IP address for this website.

But now I don’t know should I delete complete Virtual server and do things from beganing again or to delete SSL and strart again with request.

As I said before subdomain now woks well… Just I don’t know how to solve this for main domain…
Thank you for replay.

If you’re unable to properly setup records for IPv6, and you also have an IPv4 address, you should turn off IPv6 in Virtualmin. (It’s either that, or learn how to setup your DNS records properly for IPv6, since it doesn’t sound like Virtualmin is managing your DNS.)

Thank you @Joe for an answer.
I am afraid If I turn of IPv6 then I can’t share things from site. Becuase as I said I have created one more subdomain and there everythings work well.
I am not sure what to do now, because I saw that virtual server files on apache is differents between domain and subdomin, and I saw that folder .well-known is missing in domain.

That folder doesn’t exist normally (unless you created it for some other purpose). It is created for LE validation and then removed once validation is completed.

I really didn’t know that. I just read about that and I saw that many people had problem with that folder, so I supposed maybe is something related to it.
I am going to try to do this from scratch again simply I don’t have an idea how to solve this.

Thanks @shillongserver and @Joe

Well… I solved this “issues”…
This was crucial sentence you should turn off IPv6
No, It was off, but I was put ON, but anyhow that was it!
And thank you so much ! @Joe

1 Like

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.