AttributeError: can't set attribute

Help
1

:hibiscus:

My domain is: education.ddns

I ran this command: certbot --apache

It produced this output:

root@raspberrypi:/etc/apache2/sites-available# certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: education.ddns.me
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1        
Requesting a certificate for education.ddns.me
An unexpected error occurred:
AttributeError: can't set attribute
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version):

Server version: Apache/2.4.57 (Debian)
Server built:   2023-04-13T03:26:51

The operating system my web server runs on is (include version):
Linux raspberrypi 6.1.0-rpi4-rpi-v8 #1 SMP PREEMPT Debian 1:6.1.54-1+rpt2 (2023-10-05) aarch64 GNU/Linux

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 2.1.0

Follwing a thread here I also did this command:

AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost 127.0.1.1 (/etc/apache2/sites-enabled/000-default.conf:1)
         port 80 namevhost education.ddns.me (/etc/apache2/sites-enabled/education.ddns.me.conf:1)
*:443                  is a NameVirtualHost
         default server 127.0.1.1 (/etc/apache2/sites-enabled/default-ssl.conf:1)
         port 443 namevhost 127.0.1.1 (/etc/apache2/sites-enabled/default-ssl.conf:1)
         port 443 namevhost education.ddns.me (/etc/apache2/sites-enabled/education.ddns.me.conf:7)

Any advice ?

edit:
I carried on attempting and this is what I got back

raspberrypi:~ $ sudo certbot --apache
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Which names would you like to activate HTTPS for?
We recommend selecting either all domains, or all domains in a VirtualHost/server block.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: education.ddns.me
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for education.ddns.me
An unexpected error occurred:
Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: education.ddns.me, retry after 2023-10-29T06:16:35Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
2

What shows?:
certbot certificates

4 Likes
3 
sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No certificates found.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4

Can you please show the contents of the letsencrypt.log file which contains the AttributeError: can't set attribute error? You probably need to look a few logs back, as the most recent one will be of the No certificates found run and the log(s) just before that from the too many certificates (5) already issued, which does not help tackeling the actual issue.

2 Likes
5

I made an emalagmation of every place it appears in the log file together with the preceeding 5 lines - hope its what you need

--
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2023-10-28 20:20:28,267:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 20:20:28,270:ERROR:certbot._internal.log:AttributeError: can't set attribute
--
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2023-10-28 20:23:54,537:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 20:23:54,539:ERROR:certbot._internal.log:AttributeError: can't set attribute
--
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2023-10-28 20:39:04,794:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 20:39:04,798:ERROR:certbot._internal.log:AttributeError: can't set attribute
--
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2023-10-28 20:49:25,285:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 20:49:25,287:ERROR:certbot._internal.log:AttributeError: can't set attribute
6

There's probably more info earlier than this error. Please provide the entire log or otherwise everything from the bottom up to where Certbot seems to be working correctly (connecting to the ACME server et cetera).

1 Like
7

Ok
The file was too long to copy here so here's a paste bin link 2023-10-28 19:13:12,560:DEBUG:certbot._internal.main:certbot version: 2.1.0202 - Pastebin.com (I did take my email out)

below is the first few lines of the log

2023-10-28 19:13:12,560:DEBUG:certbot._internal.main:certbot version: 2.1.0
2023-10-28 19:13:12,560:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2023-10-28 19:13:12,560:DEBUG:certbot._internal.main:Arguments: ['--apache']
2023-10-28 19:13:12,561:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-10-28 19:13:12,588:DEBUG:certbot._internal.log:Root logging level set at 30
2023-10-28 19:13:12,591:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2023-10-28 19:13:12,727:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.57
2023-10-28 19:13:13,206:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8ad33d10>
Prep: True
2023-10-28 19:13:13,207:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8ad33d10> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f8ad33d10>
2023-10-28 19:13:13,207:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2023-10-28 19:13:22,292:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-10-28 19:13:22,299:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-10-28 19:13:22,796:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-10-28 19:13:22,798:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 28 Oct 2023 18:13:22 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
 
{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "t9YK8tHC7cg": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}
2023-10-28 19:13:26,525:DEBUG:acme.client:Requesting fresh nonce
2023-10-28 19:13:26,525:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-10-28 19:13:26,688:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-10-28 19:13:26,690:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 28 Oct 2023 18:13:26 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: x2pLemUfTSw2zXvhCbHWPCsuf21Sqs9MjYg3igq1DPuR396-f94
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
 
 
2023-10-28 19:13:26,691:DEBUG:acme.client:Storing nonce: x2pLemUfTSw2zXvhCbHWPCsuf21Sqs9MjYg3igq1DPuR396-f94
2023-10-28 19:13:26,692:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:.com"\n  ],\n  "termsOfServiceAgreed": true\n}'
2023-10-28 19:13:26,720:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogInBDSjh1Mi1JN0NJci0tSTR3eW9OWERKaWJuZWVzc01HdHU4WFhTeVBFTWN3bG9vV3VtUUg5b0JHOHBMR00wcExkMm8xWXNGNkFzMXpfYi1TM0I5Ni1TOFBDY00tV0hJMGtQY1lZc3diRV82Mkd5OGFNekZmUjhrM2ZjNllvbHdMZUtJSjRGcTk2Wng2elhKd2VOdTlmUUFMV1VtZktMY0Y5ejJaTjlkNW84NUhEdGpRNlVUMjFELVg0dFVYVzBObWd2djB0NHNraHhsenRkWVFqcDFWZmxZQ1FGRFpkZ1NaMGQ5MzF5ckgxN1R2V2hZdlhsVENTVnZPQk5COE1ZdFd2SENvZmtIUWk1ZHNyQzVaNU9JX2JQTS1Bci1kYlhEM2ttMWxheFVUWGxlWWxwVzJacGJiZzd6MkxPZmQzd0hWbWpMN09KcDdxVGVudVVHUDFYbGFXUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAieDJwTGVtVWZUU3cyelh2aENiSFdQQ3N1ZjIxU3FzOU1qWWczaWdxMURQdVIzOTYtZjk0IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCJ9",
  "signature": "UZXtkWjURdtUHfwuaMLuOQ3cS5J3iwUptKCkPB1Jw4EThcUOEzmnEKZqc041pvllwIc0rYwC4ono-drGWnpOz5PjaSUk1DiUv_ITwsBGFTrqNDQ6JifPpg2KzUOV1rTuXZpgmwSI4cDTrkz7_EBTTg_Sg5F0Glxnz9W775UkR9b61a-EAqfkCWgCIt6MfgyvarCu4LDOvOp4EK5EDcj2pgIeLIIKK7MG6AO1X4d86tj9xLpVkHGrx1OV9Pmb_KBrd8xHNjRWzNazBsYWeLm1cFfFQrnu3CxEhg203bvpLFwot5NILqQbUkRbqeYZMAwAFJ9ELK7f6j3z15JJ0snq6w",
  "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzp3aXNkb21saWdodEBwcm90b25tYWlsLmNvbSIKICBdLAogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUKfQ"
}
2023-10-28 19:13:26,892:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 595
2023-10-28 19:13:26,893:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sat, 28 Oct 2023 18:13:26 GMT
Content-Type: application/json
Content-Length: 595
Connection: keep-alive
Boulder-Requester: 1384138916
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/1384138916
Replay-Nonce: x2pLemUfah4HRuwWCNC8t4bPgKgD2mVMQm3T185UutIGRwr4C6E
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
 
{
  "key": {
    "kty": "RSA",
    "n": "pCJ8u2-I7CIr--I4wyoNXDJibneessMGtu8XXSyPEMcwlooWumQH9oBG8pLGM0pLd2o1YsF6As1z_b-S3B96-S8PCcM-WHI0kPcYYswbE_62Gy8aMzFfR8k3fc6YolwLeKIJ4Fq96Zx6zXJweNu9fQALWUmfKLcF9z2ZN9d5o85HDtjQ6UT21D-X4tUXW0Nmgvv0t4skhxlztdYQjp1VflYCQFDZdgSZ0d931yrH17TvWhYvXlTCSVvOBNB8MYtWvHCofkHQi5dsrC5Z5OI_bPM-Ar-dbXD3km1laxUTXleYlpW2Zpbbg7z2LOfd3wHVmjL7OJp7qTenuUGP1XlaWQ",
    "e": "AQAB"
  },
  "contact": [
    "mailto:"
  ],
  "initialIp": "2a00:23c7:c886:3901:c4b2:764e:b284:3cde",
  "createdAt": "2023-10-28T18:13:26.801050328Z",
  "status": "valid"
}
2023-10-28 19:13:26,893:DEBUG:acme.client:Storing nonce: x2pLemUfah4HRuwWCNC8t4bPgKgD2mVMQm3T185UutIGRwr4C6E
2023-10-28 19:13:33,039:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2023-10-28 19:13:33,040:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f89444310>)>), contact=('mailto:',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1384138916', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf'), 5f10b26e50a9695618820ee149e8a70d, Meta(creation_dt=datetime.datetime(2023, 10, 28, 18, 13, 26, tzinfo=<UTC>), creation_host='raspberrypi', register_to_eff=''))>
2023-10-28 19:13:39,912:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for education.ddns.me
2023-10-28 19:13:39,919:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2023-10-28 19:13:39,932:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2023-10-28 19:13:39,935:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "education.ddns.me"\n    }\n  ]\n}'
2023-10-28 19:13:39,943:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{

Below are the lasf few line of the log

  File "/usr/lib/python3/dist-packages/acme/client.py", line 575, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: education.ddns.me, retry after 2023-10-29T06:16:35Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
 
During handling of the above exception, another exception occurred:
 
Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1733, in main
    with make_displayer(config) as displayer:
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2023-10-28 20:49:25,285:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 20:49:25,287:ERROR:certbot._internal.log:AttributeError: can't set attribute
2023-10-28 20:59:50,775:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2023-10-28 20:59:51,640:DEBUG:certbot._internal.main:certbot version: 2.7.3
2023-10-28 20:59:51,641:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3435/bin/certbot
2023-10-28 20:59:51,641:DEBUG:certbot._internal.main:Arguments: ['--apache', '--preconfigured-renewal']
2023-10-28 20:59:51,642:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-10-28 20:59:51,677:DEBUG:certbot._internal.log:Root logging level set at 30
2023-10-28 20:59:51,680:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2023-10-28 20:59:51,818:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.57
2023-10-28 20:59:52,332:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='apache', value='certbot_apache._internal.entrypoint:ENTRYPOINT', group='certbot.plugins')
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fa4d9fa30>
Prep: True
2023-10-28 20:59:52,334:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fa4d9fa30> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fa4d9fa30>
2023-10-28 20:59:52,334:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2023-10-28 20:59:52,754:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1384138916', new_authzr_uri=None, terms_of_service=None), 5f10b26e50a9695618820ee149e8a70d, Meta(creation_dt=datetime.datetime(2023, 10, 28, 18, 13, 26, tzinfo=<UTC>), creation_host='raspberrypi', register_to_eff=''))>
2023-10-28 20:59:52,756:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2023-10-28 20:59:52,761:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2023-10-28 20:59:53,268:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 752
2023-10-28 20:59:53,277:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 28 Oct 2023 19:59:53 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
 
{
  "PO4HoS0Ghk4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2023-10-28 21:00:03,061:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for education.ddns.me
2023-10-28 21:00:03,086:DEBUG:acme.client:Requesting fresh nonce
2023-10-28 21:00:03,086:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2023-10-28 21:00:03,248:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2023-10-28 21:00:03,250:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sat, 28 Oct 2023 20:00:03 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: x2pLemUflRn-7YVGEB0hJti3P64spISvnLUGwgE5DjQK6PrQJf8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
 
 
2023-10-28 21:00:03,252:DEBUG:acme.client:Storing nonce: x2pLemUflRn-7YVGEB0hJti3P64spISvnLUGwgE5DjQK6PrQJf8
2023-10-28 21:00:03,253:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "education.ddns.me"\n    }\n  ]\n}'
2023-10-28 21:00:03,283:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTM4NDEzODkxNiIsICJub25jZSI6ICJ4MnBMZW1VZmxSbi03WVZHRUIwaEp0aTNQNjRzcElTdm5MVUd3Z0U1RGpRSzZQclFKZjgiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "CH4jles69nUX4AMG3yt68MYU-qO3zGYTtq7weGNo2QLaj4ty0IWeLGn1vV4WEOMu_-nH4QPYOKHoJGPLAzs1bGhhAB2xJHZKqTRfTklxGi0OiPU-4qpl392e5OWqC2QxS-XlRcOz4WqgkqAa_BpI0-VWScXWbGq5ojQxMEbGQ9fsW28jGFisIYLlgTAEhVycZ3yisGljtjCTj6MKZc3BQKs-w8-OLXvbSxJ4VM5xsDxAWWa5Ye2QXzhW0YFgK1D-w8_fAR3x_meSeiZpq30jJD3qrPbRrv4refatPt7UBPQkmoj2yzL3mgHItOTE2RXKN94NkA3jZQbPQvEZ1khX_A",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogImVkdWNhdGlvbi5kZG5zLm1lIgogICAgfQogIF0KfQ"
}
2023-10-28 21:00:03,477:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 323
2023-10-28 21:00:03,499:DEBUG:acme.client:Received response:
HTTP 429
Server: nginx
Date: Sat, 28 Oct 2023 20:00:03 GMT
Content-Type: application/problem+json
Content-Length: 323
Connection: keep-alive
Boulder-Requester: 1384138916
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/docs/rate-limits>;rel="help"
Replay-Nonce: 7s7p4ygUTR0GxgjYWdMTV_b4NPBneLIdUPtxGx6YIQLZOvVSaMA
Retry-After: 36992
 
{
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: education.ddns.me, retry after 2023-10-29T06:16:35Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/",
  "status": 429
}
2023-10-28 21:00:03,501:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/snap/certbot/3435/bin/certbot", line 8, in <module>
    sys.exit(main())
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/main.py", line 1873, in main
    return config.func(config, plugins)
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/main.py", line 1450, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/main.py", line 143, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/client.py", line 517, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/snap/certbot/3435/lib/python3.8/site-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
    orderr = self.acme.new_order(csr_pem)
  File "/snap/certbot/3435/lib/python3.8/site-packages/acme/client.py", line 138, in new_order
    response = self._post(self.directory['newOrder'], order)
  File "/snap/certbot/3435/lib/python3.8/site-packages/acme/client.py", line 366, in _post
    return self.net.post(*args, **kwargs)
  File "/snap/certbot/3435/lib/python3.8/site-packages/acme/client.py", line 739, in post
    return self._post_once(*args, **kwargs)
  File "/snap/certbot/3435/lib/python3.8/site-packages/acme/client.py", line 752, in _post_once
    response = self._check_response(response, content_type=content_type)
  File "/snap/certbot/3435/lib/python3.8/site-packages/acme/client.py", line 603, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: education.ddns.me, retry after 2023-10-29T06:16:35Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
2023-10-28 21:00:03,529:ERROR:certbot._internal.log:An unexpected error occurred:
2023-10-28 21:00:03,530:ERROR:certbot._internal.log:Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: education.ddns.me, retry after 2023-10-29T06:16:35Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/
2023-10-28 23:00:55,695:DEBUG:urllib3.connectionpool:http://localhost:None "GET /v2/connections?snap=certbot&interface=content HTTP/1.1" 200 97
2023-10-28 23:00:56,101:DEBUG:certbot._internal.main:certbot version: 2.7.3
2023-10-28 23:00:56,102:DEBUG:certbot._internal.main:Location of certbot entry point: /snap/certbot/3435/bin/certbot
2023-10-28 23:00:56,102:DEBUG:certbot._internal.main:Arguments: ['--preconfigured-renewal']
2023-10-28 23:00:56,102:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2023-10-28 23:00:56,135:DEBUG:certbot._internal.log:Root logging level set at 30
2023-10-28 23:00:56,139:DEBUG:certbot._internal.display.obj:Notifying user: No certificates found.

You will see that I moved from certbot installed directly no Debian to certbot installed with snapd

8

Unfortunately all the logs present are for the too many certificates error. Not from a successful certificate issuance run. But you can see the attribute error is gone when you upgraded to 2.7.3 using snap. Although that won't help you getting a new certificate due to the rate limit.

What you can do is use the staging environment to see if issuance will work when the rate limit for the production environment is lifted.

1 Like
9

OK, any advice on documentation on how to do this?
Many thanks

10

or

https://eff-certbot.readthedocs.io/en/stable/using.html#changing-the-acme-server

4 Likes
11

I would delete that log file [to start a new one] - it tells us nothing about the initial error.
Ensure that you have waited more than an hour since it failed and then try it once again.
Then post that new log here.

3 Likes
12

Thank you.
I have changed settings and I am using a different domainname and it worked immediatly.
Thank you for your help

1 Like
13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.