Can't Renew Certs on Amazon Lightsail

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: rds.com

I ran this command: sudo /opt/bitnami/letsencrypt/lego --tls --email="doug@rds.com" --domains="rds.com" --path="/opt/bitnami/letsencrypt" renew --days 90

It produced this output:
2024/06/24 07:25:50 [INFO] [rds.com] acme: Trying renewal with -608 hours remaining
2024/06/24 07:25:50 [INFO] [rds.com, assets.conversationsnetwork.org, cdn.conversationsnetwork.org, chi.conversationsnetwork.org, feeds.conversationsnetwork.org, itconversations.com, mc.conversationsnetwork.org, mediaconversations.com, mediaconversations.org, news.conversationsnetwork.org, origin.conversationsnetwork.org, rss.conversationsnetwork.org, sic.conversationsnetwork.org, warrenkaye.com, www.rds.com, www.warrenkaye.com] acme: Obtaining bundled SAN certificate
2024/06/24 07:25:51 acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see Failed Validation Limit - Let's Encrypt

My web server is (include version): Apache/2.4.51 (Unix)

The operating system my web server runs on is (include version):
Debian GNU/Linux 10 (buster)

My hosting provider, if applicable, is: Amazon/AWS

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.31.0

Please don't use the value 90 for the --days option: that would mean lego would try to renew when 90 days of validity are left, i.e., immediately. The default is 30 which is fine, so please remove this option entirely unless you actually know what you're doing.

You've hit this rate limit due to other problems earlier. This rate limit is now masking the actual issue. Please use the staging environment for testing to prevent hitting this rate limit and see the actual problem.

This lego version does not exist. Are you sure you've typed the lego version? Because that's the ACME client you're using. This looks more like an ancient Certbot version, but I don't see you using Certbot to issue a certificate, right?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.