SniCertificate::CertificateNonvalidError: Unable to verify challenge for julianscheinkoenig.de: 2a03:4000:61:89f7::20:3608: Invalid response from https://julianscheinkoenig.de/.well-known/acme-challenge/ThFMY-8kz1gsB8jXMYvI3sbqik2l-s5Izvma271ZOJo: 404
I recently switched domain providers and the automatic SSL certificate renewal seems to not work anymore after updating my DNS settings.
I ensured that the DNS settings are correct with pings and browser debugging tools. I am rather sure, the issue lies on Netlify’s end.
The string 2a03:4000:61:89f7::20:3608 is an IPv6 IP address. It is being returned by this AAAA type DNS record:
julianscheinkoenig.de. 21600 IN AAAA 2a03:4000:61:89f7::20:3608
The DNS record above points to an IP address controlled by netcup GmbH and not by Netlify. That record above must be deleted before Netlify can provision a Let’s Encrypt SSL certificate for this domain.
If you delete that record and still get SSL provisioning errors, please let us know. Also, please note the time-to-live (TTL) value for that record is six hours (21600 seconds) so errors may continue for up to six hours after it is deleted.