While home broadband can allocate IPV6 addresses, it effectively functions as a large local area network. This results in foreign certificate authorities being unable to access the website, leading to failed certificate issuance.
Solutions:
-
Issue certificates using IPV4 (this is a given, haha. How is it possible to have a standalone IPV4?).
-
Use the DNS API method in acme.sh for certificate issuance. This method does not validate HTTP accessibility but verifies domain ownership, allowing for the issuance of the certificate. For detailed instructions, refer to this article: https://bmzhp.com/knowledge/388 which describes the DNS method for certificate issuance. There are two types of DNS issuance:
- Manual verification issuance, which requires you to resolve the TXT value for the domain.
- DNS API issuance, which can be configured easily. Please refer to the article for specifics.