Getting certificate when IPv6 is enabled

When setting up in a system capable of IPv6, make sure your domain has the relevant AAAA records, not just A records. This may be obvious to everyone but me.

I switched from an IPv4-only VPS to one that also supports IPv6, installed Caddy 2.7.5, and created a minimal Caddyfile to point to a simple test page before continuing with all the other work necessary. I struggled to get a certificate until I remembered an IPv6 problem I’d had with an Android app. I examined the entire network path all the way out to my domain records. Sure enough, I’d neglected to add AAAA records. I did that and BOOM! certificate fetching happened and my test page became accessible to the web.

1. The problem I’m having:

Unable to successfully run the automatic Let’s Encrypt procedure.

2. Error messages and/or full log output:

Solved the problem before I thought to capture error messages.

In effect, systemctl status caddy reported something like "request invalid, will fail"

3. Caddy version:

Caddy version 2.7.5

4. How I installed and ran Caddy:

Direct install (i.e. no Docker or other containers) to Virtual Private Server on Oracle Cloud Infrastructure

a. System environment:

Bare metal install
Ubuntu 22.04.4 LTS
ARM: dual CPU, 12 GB memory
Oracle Cloud Infrastructure

b. Command:

caddy reload to use current Caddyfile

systemctl status caddy to check for errors

c. Service/unit/compose file:


d. My complete Caddy config:

# yes, this is the full Caddyfile during testing {
        root * /var/www/jadero

5. Links to relevant resources:

Here is Let’s Encrypt’s documentation on IPv6

Let’s Encrypt uses Multi-Perspective Validation Improves Domain Validation Security - Let’s Encrypt
And Let's Encrypt is adding two new remote perspectives for domain validation - API Announcements - Let's Encrypt Community Support
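A preflight check for the situation described in this post, as an added example that is not part of the original post or of Caddy: it compares a domain's published A/AAAA records with the addresses bound on the server and flags a missing or stale AAAA before a certificate is requested. The function names, the address ranges treated as non-public, and the sample addresses (documentation ranges, constructed) are assumptions.

```python
import ipaddress
import socket

# Ranges never reachable from the internet (loopback, link-local, RFC 1918, CGNAT, ULA).
# Documentation ranges are deliberately NOT listed so the constructed sample below works.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "100.64.0.0/10", "::1/128", "fe80::/10", "fc00::/7")]

def is_public(addr):
    return not any(addr in net for net in NON_PUBLIC)

def published_records(domain, port=443):
    """A and AAAA records as seen by the system resolver (needs network access)."""
    infos = socket.getaddrinfo(domain, port, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})

def preflight(dns_addrs, host_addrs):
    """Return a list of findings; an empty list means the records match the host."""
    dns = {ipaddress.ip_address(a) for a in dns_addrs}
    # Drop the "%ens3"-style zone suffix that interface listings add to link-local IPv6.
    host = {ipaddress.ip_address(a.split("%")[0]) for a in host_addrs}
    findings = []
    for version, rtype in ((4, "A"), (6, "AAAA")):
        records = {a for a in dns if a.version == version}
        public = {a for a in host if a.version == version and is_public(a)}
        if public and not records:
            findings.append(f"{rtype}: host has a public IPv{version} address but no {rtype} record")
        # A cloud VM behind NAT holds only a private IPv4 address, so an A record that
        # matches nothing local is reported only when the host does have a public IPv4.
        elif records and not (records & public) and (public or version == 6):
            findings.append(f"{rtype}: record points at an address not bound on this host")
    return findings

# Constructed sample: a NATed IPv4 VPS that also has a routable IPv6 address.
HOST = ["10.0.0.12", "2001:db8:10::5", "fe80::1%ens3", "::1"]
A_ONLY = ["203.0.113.7"]                       # zone before the fix: no AAAA
FIXED = ["203.0.113.7", "2001:db8:10::5"]      # zone after adding the AAAA record
STALE = ["203.0.113.7", "2001:db8:99::1"]      # AAAA left over from another machine

if __name__ == "__main__":
    for name, zone in (("A only", A_ONLY), ("fixed", FIXED), ("stale", STALE)):
        print(name, preflight(zone, HOST) or "ok")
```

On a live server, pass `published_records("your.domain")` as the first argument and the addresses from `ip -o addr` as the second.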