Can we obatin the new ssl certificate from same domain again

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: welldoneindia.co.in

I ran this command:
sudo certbot --apache -d welldoneindia.co.in -d www.welldoneindia.co.in -d app.welldoneindia.co.in

It produced this output:
aving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer apache
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for app.welldoneindia.co.in
http-01 challenge for welldoneindia.co.in
http-01 challenge for www.welldoneindia.co.in
Enabled Apache rewrite module
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.welldoneindia.co.in (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://www.welldoneindia.co.in/.well-known/acme-challenge/imZPGYLGvvrFWdQKS_-Oaw5DBpcjbCthVhUMXMNON2M: Timeout during connect (likely firewall problem), welldoneindia.co.in (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://welldoneindia.co.in/.well-known/acme-challenge/VHXMtX5yQA68J7Lq98rIA26M3Ywh9NwA5j9pFr6AjGs: Timeout during connect (likely firewall problem)

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: www.welldoneindia.co.in
  Type: connection
  Detail: Fetching
  http://www.welldoneindia.co.in/.well-known/acme-challenge/imZPGYLGvvrFWdQKS_-Oaw5DBpcjbCthVhUMXMNON2M:
  Timeout during connect (likely firewall problem)

  Domain: welldoneindia.co.in
  Type: connection
  Detail: Fetching
  http://welldoneindia.co.in/.well-known/acme-challenge/VHXMtX5yQA68J7Lq98rIA26M3Ywh9NwA5j9pFr6AjGs:
  Timeout during connect (likely firewall problem)

  To fix these errors, please make sure that your domain name was
  entered correctly and the DNS A/AAAA record(s) for that domain
  contain(s) the right IP address. Additionally, please check that
  your computer has a publicly routable IP address and that no
  firewalls are preventing the server from communicating with the
  client. If you’re using the webroot plugin, you should also verify
  that you are serving files from the webroot path you provided.

My web server is (include version):

The operating system my web server runs on is (include version):
Ubuntu 16.04

My hosting provider, if applicable, is:
AWS EC2 cloud computing

I can log in to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

Hi @lalit

you can create a new certificate, max. 5 certificates / week with the same set of domain names.

But there

is alread a certificate with these three domain names, created yesterday.

And your setting is curious:

Because now /.well-known/acme-challenge is open ( https://check-your-website.server-daten.de/?q=welldoneindia.co.in ):

The standard urls have a timeout - but the critical /.well-known/acme-challenge answers with a good http status 404 - not found. That's ok, because the file is unknown.

And if /.well-known/acme-challenge answers correct, you should be able to create a new certificate.

But first use

certbot certificates

to see your certificate.

@JuergenAuer
DAMN! Now I am getting the new error message from lets encrypt

An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see Rate Limits - Let's Encrypt

Any possible to make it working now ?

Wait one hour.

Or use the test system by adding --dry-run. That has it's own limits.

But don't install the test certificate.

After an hour, it will work, If i did’t use the test certificate @JuergenAuer

I just see I haven't enabled the Http port from the inbound section of AWS, that's why letsencrypt not able to reach

Did you mean I can get 5 certificates from letsencrypt for app.welldoneindia.co.in or total for welldoneindia.co.in including subdomains as well

@JuergenAuer

This

www.welldoneindia.co.in
welldoneindia.co.in
app.welldoneindia.co.in

is a set of domain names -> five identical per week.

But there is a second limit - 50 certificates per week per domain.

Thanks @JuergenAuer
Info was helpful, 5 Stars , Bit late

50 certificates is enough , i have make it working once and after that make it renew the same after 3 months

Renew it before 3 months (or it will be expired).

ACME clients should check to renew often (up to twice a day - every day).
And once it is close to expiring, it should start trying to renew (30 days before it expires).

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.