Failed to fetch discovery endpoint

Hello again,
I have some trouble with the installation. It's all running, but I cannot enter the cloud. I have installed it I don't know how many times and searched the internet for a solution, but I need your help
because I get this error message in the air-nextcloud container:

Failed to fetch discovery endpoint from https://cloud.xxxx.de/
cURL error 35: OpenSSL/3.1.4: error:0A000438:SSL routines::tlsv1 alert internal error (see libcurl - Error Codes) for https://cloud.xxxx.de/hosting/discovery

and this in the apache

{"level":"error","ts":1709118047.076173,"logger":"tls.obtain","msg":"will retry","error":"[cloud.xxxx.de] Obtain: [cloud.xxxx.de] solving challenge: cloud.xxxx.de: [cloud.xxxx.de] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for cloud.xxxx.de; no valid AAAA records found for cloud.xxxx.de (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":5,"retrying_in":600,"elapsed":610.182285456,"max_duration":2592000}
{"level":"error","ts":1709118649.3462634,"logger":"tls.issuance.acme.acme_client","msg":"challenge failed","identifier":"cloud.xxxx.de","challenge_type":"tls-alpn-01","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for cloud.xxxx.de; no valid AAAA records found for cloud.xxxx.de","instance":"","subproblems":}}
{"level":"error","ts":1709118649.3463275,"logger":"tls.issuance.acme.acme_client","msg":"validating authorization","identifier":"cloud.xxxx.de","problem":{"type":"urn:ietf:params:acme:error:dns","title":"","detail":"no valid A records found for cloud.xxxx.de; no valid AAAA records found for cloud.xxxx.de","instance":"","subproblems":},"order":"https://acme-staging-v02.api.letsencrypt.org/acme/order/138235953/14879061043","attempt":1,"max_attempts":3}
{"level":"error","ts":1709118649.3463666,"logger":"tls.obtain","msg":"could not get certificate from issuer","identifier":"cloud.xxxx.de","issuer":"acme-v02.api.letsencrypt.org-directory","error":"HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for cloud.xxxx.de; no valid AAAA records found for cloud.xxxx.de"}
{"level":"error","ts":1709118649.3464143,"logger":"tls.obtain","msg":"will retry","error":"[cloud.xxxx.de] Obtain: [cloud.xxxx.de] solving challenge: cloud.xxxx.de: [cloud.xxxx.de] authorization failed: HTTP 400 urn:ietf:params:acme:error:dns - no valid A records found for cloud.xxxx.de; no valid AAAA records found for cloud.xxxx.de (ca=https://acme-staging-v02.api.letsencrypt.org/directory)","attempt":6,"retrying_in":600,"elapsed":1212.452535034,"max_duration":2592000}

Do you have the correct DNS records set up for that host?

Yes, I can make the domain check.
I have set an A record from the subdomain to the fixed IPv4 address of my router, and I forward 3478, 433, 8443 to the server where nc is running.

You need port forwarding for port 80 as well, in order to allow Let's Encrypt certificate issuing using the ACME http-01 challenge. AFAIK you don't need port 8443.

I think I'm too stupid for this…
I closed port 8443 and opened 80, but it didn't work. I'm not sure, but must I generate a TXT record for my DNS like this? If I understand it correctly, I must add a token at the end? Where do I find it?
@ TXT _acme-challenge.cloud.xxxx.de

I'm sorry, I was wrong; it looks like you need 8443 as well.

If your firewall/router has port 80 and 8443 open/forwarded and you point a domain to your server, you can get a valid certificate automatically by opening the Nextcloud AIO Interface via:
https://your-domain-that-points-to-this-server.tld:8443

Please consult the docs: GitHub - nextcloud/all-in-one: The official Nextcloud installation method. Provides easy deployment and maintenance with most features included in this one Nextcloud instance.

I’d say the issue is pretty clear

Yes, maybe. I can understand what the problem is: the http01 challenge generation is the problem. I think the ports are working because the domain check is OK. When I try to open cloud.xxxx.de:8443, I get this message: “Client sent an HTTP request to an HTTPS server.”
I can find the correct solution

Can I turn the ACME challenge off?
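
Added example, not part of any post in this thread: a small Python triage of Caddy-style ACME "challenge failed" log entries like the ones quoted above, showing which problem type was reported, which port the failed challenge type uses, and what to check first. The function name, the hint texts and the sample lines (placeholder domain cloud.example.test) are assumptions made for this illustration.

```python
import json
from collections import Counter

PREFIX = "urn:ietf:params:acme:error:"
# ACME problem types (RFC 8555, section 6.7) and the first thing to check.
HINTS = {
    "dns": "CA could not resolve the name: check public A/AAAA records",
    "connection": "CA could not connect: check port forwarding and firewall",
    "unauthorized": "wrong challenge response: check what answers on that port",
}
# Port the CA connects to for each challenge type (RFC 8555, RFC 8737).
CHALLENGE_PORT = {"http-01": 80, "tls-alpn-01": 443}

def triage(log_lines):
    """Group ACME 'challenge failed' entries and attach a hint to each group."""
    seen = Counter()
    for line in log_lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # container logs can contain non-JSON lines
        if not isinstance(entry, dict):
            continue
        problem = entry.get("problem")
        if not isinstance(problem, dict) or "challenge_type" not in entry:
            continue
        ptype = str(problem.get("type", ""))
        short = ptype[len(PREFIX):] if ptype.startswith(PREFIX) else ptype
        seen[(entry.get("identifier"), entry["challenge_type"], short)] += 1
    return [
        {"identifier": ident, "challenge": ch, "port": CHALLENGE_PORT.get(ch),
         "problem": prob, "count": n,
         "hint": HINTS.get(prob, "see the 'detail' field of the log entry")}
        for (ident, ch, prob), n in seen.items()
    ]

def _sample(challenge, problem):
    # Constructed log line using a placeholder domain, not taken from the thread.
    return json.dumps({"level": "error", "msg": "challenge failed",
                       "identifier": "cloud.example.test",
                       "challenge_type": challenge,
                       "problem": {"type": PREFIX + problem, "detail": ""}})

SAMPLE = [_sample("tls-alpn-01", "dns"), _sample("tls-alpn-01", "dns"),
          _sample("http-01", "connection"), "plain text line"]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

A `dns` problem type means the CA's own lookup of the name failed, so it is reported before any connection to the forwarded ports is attempted.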