Let's encrypt failed for hostname

S

ShinJii

Verified User
Joined
Mar 20, 2014
Messages
221
Hi,
There wasn't problem till now.... my hostname is server.domain.com and I have also domain.com added as normal domain - wildcard for *.domain.com generated fine but for server.domain.com I have outdated SSL since 24.04.2021... I don't know why it was generating fine till now... something changed in let's encrypt or what?

If I try this:
Code: 
/usr/local/directadmin/scripts/letsencrypt.sh request_single serwer.domain.com 4096

I got this:
Code: 
2021/05/10 18:01:07 [INFO] [serwer.domain.com] acme: Obtaining SAN certificate
2021/05/10 18:01:07 Could not obtain certificates:
        acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many certificates already issued for exact set of domains: serwer.domain.com: see https://letsencrypt.org/docs/rate-limits/, url:  
Certificate generation failed.
I had few days ago different error [before this limit above]... something like "too many certificates generated for domain.com"...

Why it's failing? If wildcard is fine... why directadmin want to use different certificate for server.domain.com if I have wildcard *.domain.com ?

@smtalk any idea?
 
ShinJii said:
my hostname is server.domain.com
Click to expand...
So why are you requesting for serwer.domain.com? typo?

Anyway, the reason that it's failing is stated in the error:
ShinJii said:
Error creating new order :: too many certificates already issued for exact set of domains: serwer.domain.com: see https://letsencrypt.org/docs/rate-limits/
Click to expand...
And what you are writing the "something like" also looks like too many certificates.

ShinJii said:
why directadmin want to use different certificate for server.domain.com if I have wildcard *.domain.com ?
Click to expand...
Because *.domain.com is for the domain name and server.domain.com is the hostname. Hostname is not subdomain. So a seperate certificat is used.
I think best wait a week and try again. Or check why so many requests are made for that domain that you run into rate limits.
 
Richard G said:
So why are you requesting for serwer.domain.com? typo?

Anyway, the reason that it's failing is stated in the error:

And what you are writing the "something like" also looks like too many certificates.


Because *.domain.com is for the domain name and server.domain.com is the hostname. Hostname is not subdomain. So a seperate certificat is used.
I think best wait a week and try again. Or check why so many requests are made for that domain that you run into rate limits.
Click to expand...

1. Yes, typo writing here ;)
2. But it's getting this error since a month lol... and like I wrote, after reset limit there's error like "too many certificates for that domain" - there wasn't problem earlier since 1-2 years... so... I don't know where's problem... I didn't change anything.
is there any logs for that all automatic Let's Encrypt tries?
 
Halo.... anyone? it's still not generated.... it makes me angry...
 
1) It's rate-limited now, you need to wait until rate-limit expires.
2) Make sure you run latest version of letsencrypt.sh, because I think you may have an old version there.
3) If you still have any problems, please create a DA support ticket, if your license is a DC license - please contact your DC for the support.
 
But why it can't generate since ~1.5 month? lol... I have newest version of custombuild and let's encrypt.
Funniest thing is that the Directadmin panel (server.domain.com:2222) give an error because of old certificate but the same subdomain for example with phpmyadmin (server.domain.com/phpmyadmin) is okay because technically it's generated normally in that domain like other subdomains.
@smtalk
 
You must log in or register to reply here.
Back
Top