Letsencrypt problem (permissions on disk?)

AxisNL (Verified User, joined Nov 9, 2018, 13 messages)
Hey guys and girls, I also have Letsencrypt issues (just saw another post, could be related, did not want to hijack that thread).

I'm a CentOS admin, running some Directadmin 1.61.5 machines. On all machines, I use letsencrypt for the control panel itself (all different hostnames in the same domain). All certificates expired a few hours ago, and I can't renew them because of the dreaded "Error creating new order :: too many certificates already issued for exact set of domains" error.

After some digging around and looking at the issued certs (https://crt.sh/), it looks as though my servers have been requesting new certificates every f*cking day, but somehow not saved these certs on disk. Now I'm hitting LetsEncrypt's rate limits, because my servers requested a new certificate every day, and I can't get another one.

If I look at the files in /etc/httpd/conf/ssl.crt/, I see /etc/httpd/conf/ssl.crt/server.crt was last updated in February, and it contains the expired cert. However, looking at crt.sh, I see letsencrypt successfully issued a cert. Where is it?

My last successful cert was issued 15 Feb, and starting April 17th, the new certificates were requested, issued, but never installed. So somewhere in this period, it looks like something changed in DirectAdmin or its helper scripts, preventing new certs from being installed.

Anyone else have any idea how I can fix this? The problem is that I can't test it, because of LetsEncrypt's rate limiting :-/
 
At least I found the correct and issued certificates in /usr/local/directadmin/data/.lego/certificates. I'm now trying to find how I can have letsencrypt use these :D

I see this is the cert:
apachecert=/etc/httpd/conf/ssl.crt/server.crt

And I updated this file, but still directadmin uses some expired one.

# openssl x509 -in /etc/httpd/conf/ssl.crt/server.crt -text | grep After
Not After : Aug 16 21:10:57 2021 GMT
 
Hmm.. somehow DA calls these certs cacerts, even though it's a certificate, nothing to do with a ca.

Copying these files manually worked for now!

# cp /usr/local/directadmin/data/.lego/certificates/server.domain.nl.crt /usr/local/directadmin/conf/cacert.pem
# cp /usr/local/directadmin/data/.lego/certificates/server.domain.nl.key /usr/local/directadmin/conf/cakey.pem
 
update:

cat /usr/local/directadmin/data/.lego/certificates/`hostname`.crt > /usr/local/directadmin/conf/cacert.pem
cat /usr/local/directadmin/data/.lego/certificates/`hostname`.key > /usr/local/directadmin/conf/cakey.pem
systemctl stop directadmin
systemctl start directadmin

cat /usr/local/directadmin/data/.lego/certificates/`hostname`.crt > /etc/httpd/conf/ssl.crt/server.crt
cat /usr/local/directadmin/data/.lego/certificates/`hostname`.key > /etc/httpd/conf/ssl.key/server.key
systemctl stop httpd
systemctl start httpd
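Added example, not from the thread or from DirectAdmin: a stdlib-only Python check that compares the certificate installed in DirectAdmin's conf (cacert.pem / server.crt) with the latest one lego wrote, and reports when the installed one differs or has run out, which is the "issued daily but never installed" condition described above. The demo_cert helper builds a constructed, unsigned DER skeleton (not a real certificate) so the file runs offline; on a real box, read the two files from the paths given in the post instead.

```python
# Added example (not from the thread): detect a renewed-but-never-installed
# certificate by comparing what DirectAdmin serves with what lego last wrote,
# and by reading notAfter straight out of the installed certificate's DER.
import base64
from datetime import datetime, timezone

def pem_to_der(pem):
    body = pem.split("-----BEGIN CERTIFICATE-----")[1].split("-----END CERTIFICATE-----")[0]
    return base64.b64decode("".join(body.split()))

def _tlv(buf, pos=0):
    """Read one DER tag/length/value; return (tag, value, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                     # long-form length: next n bytes hold it
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def not_after(der):
    """Walk Certificate -> TBSCertificate -> Validity and return notAfter as UTC."""
    _, tbs, _ = _tlv(_tlv(der)[1])
    tag, _, pos = _tlv(tbs)               # [0] version (optional) or serialNumber
    if tag == 0xA0:
        _, _, pos = _tlv(tbs, pos)        # serialNumber
    _, _, pos = _tlv(tbs, pos)            # signature AlgorithmIdentifier
    _, _, pos = _tlv(tbs, pos)            # issuer Name
    _, validity, _ = _tlv(tbs, pos)
    _, _, pos = _tlv(validity)            # notBefore (skipped)
    tag, value, _ = _tlv(validity, pos)   # notAfter: UTCTime (0x17) or GeneralizedTime (0x18)
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.strptime(value.decode(), fmt).replace(tzinfo=timezone.utc)

def check_install(installed_pem, issued_pem, now):
    """False for installed_matches_issued means lego renewed but DA still serves the old cert."""
    installed, issued = pem_to_der(installed_pem), pem_to_der(issued_pem)
    return {"installed_matches_issued": installed == issued,
            "days_left": (not_after(installed) - now).days}

def demo_cert(not_after_utc):
    """Constructed, unsigned DER skeleton with just enough structure for not_after();
    stands in for a real certificate so this file runs offline (not a valid cert)."""
    def tlv(tag, body): return bytes([tag, len(body)]) + body
    tbs = (tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + tlv(0x30, b"") + tlv(0x30, b"")
           + tlv(0x30, tlv(0x17, b"210216211057Z") + tlv(0x17, not_after_utc.encode())))
    return "-----BEGIN CERTIFICATE-----\n" + base64.b64encode(tlv(0x30, tlv(0x30, tbs))).decode() + "\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    stale = demo_cert("210816211057Z")    # same notAfter as the expired server.crt in the post
    fresh = demo_cert("211115211057Z")    # constructed stand-in for the newer lego cert
    print(check_install(stale, fresh, datetime(2021, 8, 17, tzinfo=timezone.utc)))
```

Running this from cron against cacert.pem and the lego .crt would have flagged the mismatch on the first day instead of after the rate limit was exhausted.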
 
I think you have the hostname added as a domain/subdomain to the server, that's why it placed the certificate in the user directory.
 