Banned from LE?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:
le64.exe -email "myemailhere" -key account.key -csr domain.csr -csr-key domain.key -crt domain.crt -domains "," -generate-missing -live

It produced this output:
2022/10/23 15:06:52 [ Crypt::LE client v0.38 started. ]
2022/10/23 15:06:52 Generating a new account key
2022/10/23 15:06:54 Saving generated account key into account.key
2022/10/23 15:06:54 Generating a new CSR for domains,
2022/10/23 15:06:54 New CSR will be based on a generated key
2022/10/23 15:06:54 Saving a new CSR into domain.csr
2022/10/23 15:06:54 Saving a new CSR key into domain.key
2022/10/23 15:07:15 Could not load the resource directory: Could not connect to '': Bad address

My web server is (include version):
Doesn't matter I suppose

The operating system my web server runs on is (include version):
Doesn't matter I suppose

My hosting provider, if applicable, is:
Doesn't matter I suppose

I can login to a root shell on my machine (yes or no, or I don't know):
Not the case

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Cpanel, but it doesn't matter

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
As in output

Everything worked 3 months ago - I created multiple certs. For some time now I get the same answer as above. Doesn't matter the domain, email, whatever. Tried switching firewall on/off - nothing. Tried VPN - no.


Everything miraculousy works on a different Win 10 64-bit machine (same system) in the same network.

Ideas? Appreciate any :slight_smile:

Show us the output of

curl.exe -v


I suppose it does matter..

  • Trying 2606:4700:60:0:f53d:5624:85c7:3a2c:443...
  • Connected to (2606:4700:60:0:f53d:5624:85c7:3a2c) port 443 (#0)
  • schannel: disabled automatic use of client certificate
  • ALPN: offers http/1.1
  • ALPN: server accepted http/1.1

GET /directory HTTP/1.1
User-Agent: curl/7.83.1
Accept: /

Fun fact - after that I tried generating and ... it worked. WTF seriously :confused: I tried to do this for 3 straight days after which I decided to seek help :slight_smile:

Probably friend - my point was that I tried on 2 PCs with Win 10 64 bit and I didnt even got the part of putting the cert on the webserver - which is why i mentioned that the system of the webserver does not matter :slight_smile:

Just a quick point ... you just provided the answer that people were asking for. And it took you 3 posts to do that, rather than a simple single line in the original post.

Really, OS does matter, because the directions for each can be radically different. Troubleshooting requires knowing which set of instructions they're looking for, even if it's the same as another machine.

I'm also having trouble with CentOS Stream 9, which lacks official support to begin with. And trust me when I say that troubleshooting that is a far different beast that troubleshooting yours.

The more info people have about the situation, the faster you reach a resolution, because the fewer questions they have to ask.


Broken resolver?

Broken firewall?


IPv4/IPv6 issue?
Did the ones that work also have IPv6 enabled?


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.