Hi again @Radon,
Thanks for sharing your domain name.
I went and looked in our server-side logs to try and determine what the ASUS ACME client was doing. You should definitely open a support ticket with ASUS, there is a bug with their ACME client.
I went back to the earliest requests for your domain in our logs. Here is some information you can share with them from the first failure:
- At 2018-01-29T19:42:28 the ASUS ACME client POSTed
new-authz for the identifier
radon64.assuscomm.com, getting back a pending authorization object.
- At 2018-01-29T19:42:29 the ASUS ACME client POSTed the HTTP-01 challenge of the pending authorization, asking Let’s Encrypt to validate the authorization.
- At 2018-01-29T19:42:34 before the validation attempt was completed, the ASUS ACME client POSTed
new-cert, sending a CSR for
radon64.assuscomm.com. Since the authorization for this domain wasn’t valid, the
"Error":"authorizations for these names not found or expired: radon64.asuscomm.com" result is returned to the client
- At 2018-01-29T19:42:39 the validation attempt from our side fails with a timeout error:
"Error":"connection :: Fetching http://radon64.asuscomm.com/.well-known/acme-challenge/<token>: Timeout"
Since then the same pattern has repeated a few times: creating a new authz, starting the HTTP-01 challenge, asking for a cert before the authorization is valid and failing, and then the HTTP-01 challenge timing out.
Most recently all further attempts have been getting back:
:["429 :: rateLimited :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/"] because too many failures have occurred.
The fix for this problem will have to be provided on the ASUS side. They should not be trying to issue a certificate with
new-cert until all required authorizations are valid.
Hope this helps!