In short, it sounds like it, yes.
Have you aborted some of the attempts part way through ? if not, what commands are you running ?
http://screencast.com/t/5eFfauHLKU2 - just run a command following that instruction http://doc.ispsystem.com/index.php/Integraion_with_Letâs_Encrypt is look http://screencast.com/t/gDNPC8Q7Xa here https://crt.sh (I didnât see that any new cert been created).
the âPendingâ state is where you have asked for a token to prove ownership of a domain, and then not told Letâs Encrypt itâs ready to be tested. So from the âToo Many Pendingâ I wouldnât expect any certs issued - because the âpendingâ state is before that.
With only part of the log in your screen dump I canât tell fully, It may be a bug in the ISPmanager script. Iâd need the whole log to be certain, or you could ask the ISPmanager developer to take a look.
May be the problem that Iâm using NGINX server rather that Apache?
Possibly, I donât know the ISPmanager integration script, so I donât know if thatâs designed to run with nginx as well as apache or not.
Just a made a test the ISPmanager script created a folder http://domain.com/.well-known/acme-challenge/ ⌠I tried created a file 1.txt - http://domain.com/.well-known/acme-challenge/1.txt
it said:
404 Not Found
nginx/1.10.1
Something wrong file should be open ok?
Yes, something wrong there. That should open fine in the browser.
Have you got the âweb rootâ directory correct ? ( i.e. the base folder for the domain, in your file structure, where the .well-known/acme-challenge/ folder should be ( and then the 1.txt file within it )
location ~ /.well-known {
allow all;
}
âŚlooks like it solved issue
now its possible to access to 1.txt file. And I see that he have success to 40 alias (in my log) but for 41 alias it POPup with issue
May be somekind of firewall or DDOS protection on myserver block this?
It could be, yes. Whatâs the info immediately before the error ?
just re-run the command now 80 aliases are success and 81 is issued and certificates receiving process is stoped)âŚ
And right now receive issue http://screencast.com/t/ZtdAX0GEG
so again wait 3 hours?
Again, I need the debug info from just before the error really, in order to determine more where the error is. It does seem to be doing things in an odd way - with all the registrations
We want to do DNS based load balancing for ~ 2500 webradio streams and want to use one (sub-)subdomain per radio station. Is there any news concerning wildcard certificates?
Niko.
- Yes, just include all the domains with separate -d options. If you are using a new enough version of certbot, there is a --delete flag you can use. Or you can manually remove all reference to it in /etc/letsencrypt
~Tim
I donât have the post in front of me, but last I read, they werenât planning on supporting wildcard certificates (anytime soon anyway)
Thatâs (really) a pitty. 
(very, very much until itâs 20 chars)
Make sure you use --cert-name option
For example:
--cert-name mycertname
To see your certificate name, run certbot-auto certificates
Full example:
certbot-auto certonly --cert-name mydomain.com.br --renew-by-default -a webroot -n --expand --webroot-path=/usr/share/nginx/html \
-d mydomain.com.br \
-d www.mydomain.com.br \
-d aaa1.com.br \
-d aaa2.com.br \
-d aaa3.com.br
1 Like
In case you folks haven't seen the good news yet:
1 Like
Awesome to know in January is coming the Wildcard Certificates! Great help guys! Thanks a lot everyone!
This is the best from letsencrypt the awesome support you guys give! Its amazing! Thanks again!
1 Like