# Problem Provisioning SSL with Let's Encrypt **URL:** https://discourse.roots.io/t/problem-provisioning-ssl-with-lets-encrypt/22528 **Category:** trellis **Created:** 2022-03-10T16:02:28Z **Posts:** 5 ## Post 1 by @treb0r — 2022-03-10T16:02:28Z I upgraded Trellis on one of my sites today. I decided to refresh the droplets for Staging and Production at the same time. The staging provisioning worked first time, but when I tried to provision production, I kept getting an error that the acme challenge file was not found. When I looked more closely, I can see that let’s encrypt is trying to load: ``` http://www.mysite.com/.well-known/acme-challenge/ZFCDUPM4A9VEFN7tXEWPjyHmAhM9uRzQEJTACtn1WPk ``` Instead of: ``` http://mysite.com/.well-known/acme-challenge/ZFCDUPM4A9VEFN7tXEWPjyHmAhM9uRzQEJTACtn1WPk ``` without the leading ‘www’. I tried removing the ‘redirects: - [www.mysite.com](http://www.mysite.com)’ from my production wordpress\_sites.yml but then I get more errors. I’ve never run in to this problem before. Does anyone know what might be causing it? --- ## Post 2 by @strarsis — 2022-03-10T17:08:14Z One less known issue is an incorrect IPv6 `AAAA` DNS record. Let’s Encrypt prefers IPv6 `AAAA` over IPv4 `A` DNS records. When the IPv6 `AAAA` record is incorrect or the HTTP server doesn’t correctly listen on IPv6, validation will fail, even when it is possible over IPv4. So better have no IPv6 `AAAA` DNS record than an incorrect one. --- ## Post 3 by @swalkinshaw — 2022-03-11T00:25:35Z > [@treb0r](#): > > without the leading ‘www’. SSL requires a certificate for _each_ host which means `mysite.com` and `www.mysite.com` are considered different. This also means Trellis creates challenges for each one. You didn’t post the exact error message, but I’m assuming there’s an issue with your DNS entries (as @strarsis hinted). `mysite.com` might be succeeding so you’re only seeing the failure for `www.mysite.com`. --- ## Post 4 by @jackyjoy123 — 2022-03-11T08:00:46Z thanks for the awesome information. --- ## Post 5 by @treb0r — 2022-04-08T13:56:47Z Thanks Scott, and sorry I missed this before. I will give it another try.