Let's encrypt install / renew connection error


My Let’s encrypt certificate was correctly installed. But it renewed in May… and I had this error every day “urn:acme:error:connection”.

I thought removing the let’s encrypt certificate and re-installed it could help, but now HSTS prevents me to connect from my browser, and no application accept to connect… and let’s encrypt don’t accept to install itself : “Could not connect to MYDOMAIN”.
The acme api JSON status indicate:

type	"http-01"
status	"invalid"
type	"urn:acme:error:connection"
detail	"Could not connect to MYDOMAIN"
status	400

Coming from:

sudo yunohost domain cert-install
Erreur : rogerlambda.info challenge did not pass: {u'status': u'invalid', u'validationRecord': [{u'addressesResolved': [uMYIPV', u'MYIPV6'], u'url': u'http://MYDOMAIN/.well-known/acme-challenge/EwiDKgd2nkunukw-Cu49Fnpjt0kd3lCC1gXD-wc', u'hostname': u'MYDOMAIN', u'addressesTried': [], u'addressUsed': u'MYIPV6', u'port': u'80'}], u'keyAuthorization': u'EwiDKrjgnWZVSZRaI8w-Cu49Fnpjt0sdf354gXD-wc.29uY5HBTZL_kXyshUZohmQwNcaKOqhCD1tguRvgYixE', u'uri': u'https://acme-v01.api.letsencrypt.org/acme/challenge/nfcXsvaMF7rNKUBPEFVAu_dsqf3654MlYoo/1262916195', u'token': u'EwiDKrjgnWZVSZRaI8w-Cu49Fnsdf3543lCC1gXD-wc', u'error': {u'status': 400, u'type': u'urn:acme:error:connection', u'detail': u'Could not connect to MYDOMAIN'}, u'type': u'http-01'}
Erreur : Certificate installation for MYDOMAIN failed !
Exception: [Errno 22] La signature du nouveau certificat a échoué

But I can access to this http://MYDOMAIN/.well-known/acme-challenge/EwiDKgd2nkunukw-… address. I get a page with a code.
Any idea how to resolve this? Thanks !

IPv6 seems to be the problem. Challenge is reachable in IPv4 but not in IPv6. Removing the IPv6 from the DNS records allows to register the certificate…

Next step, get back the IPv6 record and make it work…