ASUS Router and QNAP NAS Let,s Encrypt problem


#1

Hello, I have a request for help regarding two certificates: ASUS and QNAP. Regarding QNAP, the server correctly registers the certificate and shows in the GUI that it is active … my_domain1111.myqnapcloud.com and I receive an email from Let’s Encrypt that the domain name my_domain.myqnapcloud.com will expire soon.
The ASUS router was all right with the domain my_domain.asuscomm.com and suddenly the update was blocked with the status “update”. I will add that both devices work on the same external IP address. I know that a similar topic was already on the forum, but I can not deal with this problem. Can I ask for some help and tips on what to do?
Regards Darek
(sorry for my english)


#2

Hello, will no one help me or will tell me what to do? Asus says that everything is OK and I still have a problem with the certificate … The router logs show …:
_Jun 2 19:20:20 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/challenge/87kbDWr4kgSbk971nBkS2yXXKHCyq1_2vRfImAsCcKg/4927343449: bad response
Jun 2 19:20:20 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “http-01”, “status”: “invalid”, “error”: { “type”: “urn:acme:error:connection”, “detail”: “Fetching http://my_domain.asuscomm.com/.well-known/acme-challenge/dXlGFdgzhwWHB1fE9JKDTizyEm8B2K2RC9VyYks-gvc: Timeout during connect (likely firewall problem)”, “status”: 400 }, “uri”: “https://acme-v01.api.letsencrypt.org/acme/challenge/87kbDWr4kgSbk971nBkS2yXXKHCyq1_2vRfImAsCcKg/4927343449”, “token”: "dXlGFdgzhwWHB1fE9JKDTizyEm8B2K2RC9VyY
Jun 2 19:25:01 rc_service: service 1974:notify_rc restart_letsencrypt
Jun 2 19:25:07 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
Jun 2 19:25:07 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)
Jun 2 19:30:01 rc_service: service 2400:notify_rc restart_letsencrypt
Jun 2 19:30:08 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
Jun 2 19:30:08 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)
Jun 2 19:35:01 rc_service: service 2831:notify_rc restart_letsencrypt
Jun 2 19:35:09 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
Jun 2 19:35:09 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)
Jun 2 19:40:01 rc_service: service 3258:notify_rc restart_letsencrypt
Jun 2 19:40:09 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
Jun 2 19:40:09 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)
Jun 2 19:45:01 rc_service: service 3707:notify_rc restart_letsencrypt
Jun 2 19:45:07 kernel: /usr/sbin/acme-client: https://acme-v01.api.letsencrypt.org/acme/new-authz: bad HTTP: 429
_Jun 2 19:45:07 kernel: /usr/sbin/acme-client: transfer buffer: [{ “type”: “urn:acme:error:rateLimited”, “detail”: “Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }] (189 bytes)

Several times I changed the beginning of the domain: xxx.asuscomm.com unfortunately no changes :frowning:

Please, maybe someone already had that?
Regards…


#3

Is your device reachable from outside your network on port 80?

Maybe check your domain on https://letsdebug.net/ and see if it comes up with anything useful.


#4

Thanks for the answer … I do not know myself … actually checking that port 80 is unavailable, but the router in the logs shows that it connects to ASUS on port 80 … I do not know how to redirect port 80 from outside on a port that is theoretically open …
Regards


#5

If you are on a residential ISP, port 80 may be blocked.

This would not affect you personally since you are inside your own network, but it would affect others.

Otherwise,

  • double check the port forwarding rules on your router.
  • double check that the domain has your current IP address. I notice from the previous challenge URL that your IP address has since changed.

#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.