PROBLEM: SSL Certbot Nginx

As I was following thought the tutorial ( I get stuck on the step 4, I get this:

Challenge failed for domain Challenge failed for domain http-01 challenge for http-01 challenge for Cleaning up challenges Some challenges have failed.


I already check for the DNS A and I get the correct ip and also with the AAAA, but I can’t make it work, I waited maybe a day, it seems that it doesn’t help, I even use “ufw disable” just to check if the firewall is not blocking something, but It keeps the same.

I checked the logs on /var/log/letsencrypt/lestencrypt.log, but it seems to be the same, I tried to use “root /home/KatzeCommunity/proyect-KC/;” and “root /var/www/html” in the /etc/nginx/sites-available/default, but it doesn’t work in any case.

Not only that, but I tried to use these on the same document:

    location /.well-known/acme-challenge/ {
            try_files $uri = 404;
            root /var/www/html;

    location /.well-known {
            allow all;

And I seem that certbot can get the.well-known/acme-challenge/… neither.

And the last thing I tried was using the “Add certificate” option in the Security Tab under the Settings panel on my digital ocean account, but it doesn’t let me use the https on my website (I tried this first the first time I tried to get SSL on my website).

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

The solution to this issue for me was to add the following lines to my Nginx configuration server block:

listen 80;
listen [::]:80;

It turns out Nginx defaults to “listen *:80;” if no listen directive is present. This means Nginx by default ignores IPv6 requests. Certbot uses IPv6 for the challenge, so it fails.