GitLab Pages - letsencrypt fails with infinite redirect loop

Recently this was still working, so we guess this is a regression

{"component": "gitlab","subcomponent":"application_json","severity":"ERROR","time":"2025-05-19T14:41:18.924Z","meta.caller_id":"PagesDomainSslRenewalWorker","correlation_id":"8d453acfa4bca506d664a82dd98c5884","meta.root_caller_id":"Cronjob","meta.feature_category":"pages","meta.project":"xxx/xxx/xxx","meta.root_namespace":"xxx","meta.client_id":"ip/","message":"Failed to obtain Let's Encrypt certificate","acme_error":{"type":"urn:ietf:params:acme:error:connection","detail":"xxx: Fetching https://xxx.de/-/acme-challenge?domain=xxx.xxx.de\u0026token=*******: Redirect loop detected","status":400},"project_id":3260,"pages_domain":"xxx.xxx.de"}

Resolution

Customer response: #543733 (comment 2530080429)

After a long search, https://letsdebug.net/ gave us finally the answer to what was going wrong. So for anyone facing this, try running the affected domains through https://letsdebug.net/ . One IPv6 Address went silently missing, and this totally slipped through any debugging and testing yet. The lets encrypt message is very misleading, as it reports a wrong error.