Letsencrypt behind DS-Lite (ipv6 only) on nextcloudpi

I’m using a nextcloudpi installation to run nextcloud.
After I switched my ISP and pluged in my raspberry I learned (painfully) about the great concept of DS-Lite.

So long story short: After switching my DDNS provider (from strato to spDyn) I’m able to operate my nextcloud on a new domain from clients using ipv6 on normal http and on https (with my old certificat, filed for my old strato domain). Of course I want to use SSL encryption without getting a domain warnings everytime and tried to renew my certificat with the letsencrypt module of nextcloudpi.

Unfortunatley I’m getting this message everytime I try:
“urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain”

I’m pretty sure this is releated to my DS-Lite problems, because I’m able to connect to the raspberry via both http and https.

The spDyn domain does not have a ipv4 entry because of DS-Lite.
So am I right that the letsencrypt servers don’t support dns entries with only an AAAA and no A entry?

Is there anyway to use different parameters for the module to force letsencrypt to use ignore ipv4 and only use ipv6?