Certbot Problem

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: offclkaan.de

I ran this command: certbot --apache

It produced this output:

My web server is (include version): apache2

The operating system my web server runs on is (include version): Debian 12

My hosting provider, if applicable, is: FastLayer

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): nothing

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.1.0

2 
2024-08-11 20:06:21,891:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-08-11 20:06:21,891:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-08-11 20:06:21,891:DEBUG:certbot._internal.main:Arguments: ['--apache']
2024-08-11 20:06:21,892:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-08-11 20:06:21,896:DEBUG:certbot._internal.log:Root logging level set at 30
2024-08-11 20:06:21,896:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2024-08-11 20:06:21,929:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.61
2024-08-11 20:06:22,024:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fb3d43611d0>
Prep: True
2024-08-11 20:06:22,025:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fb3d43611d0> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7fb3d43611d0>
2024-08-11 20:06:22,025:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2024-08-11 20:06:41,528:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-08-11 20:06:41,529:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-08-11 20:06:42,000:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-08-11 20:06:42,001:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:06:41 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "14r5swto87M": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-08-11 20:06:44,028:DEBUG:acme.client:Requesting fresh nonce
2024-08-11 20:06:44,028:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-08-11 20:06:44,183:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-08-11 20:06:44,183:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:06:44 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: cgBcsAuLqLSz3znT211m29tOC2YfZd0jbz7_XTr6nQgRDloXyyg
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2024-08-11 20:06:44,183:DEBUG:acme.client:Storing nonce: cgBcsAuLqLSz3znT211m29tOC2YfZd0jbz7_XTr6nQgRDloXyyg
2024-08-11 20:06:44,183:DEBUG:acme.client:JWS payload:
b'{\n  "contact": [\n    "mailto:mail@fastlayer.eu"\n  ],\n  "termsOfServiceAgreed": true\n}'
2024-08-11 20:06:44,186:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-acct:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAiandrIjogeyJuIjogIm9uaUdCbk1LZnBUVFk0TmkxNWl5Sm5leUFCN0ZmNXBHWVhEXzRBMWJLQ1k0SS1EVTRhb1BjN1Y0RndrTlNnaTZyN0wtT2VYLWFTalNsQzcweWtvSnRNV3pQZzNENnJVY1BqYzFHTnVrMzA5dlAwU2VaakxBbnFJbkdvRklkZU9zWjIxRDFtQzlCS1dySjBQWE9kdkVseTVBYjBlU1phSktzSzVaUUMxT3VqT210aERYMmF4SkpMRmhwSm8xa0RRV2hxV0ZGV3BNVjNMMXoyR2dEMzR3UUhuMVN4Y1I0d0FaeV8yOWtvRDFqTlpzSm9mc0xkc3hGOVRqWm9nYkVzLU1oN19FQkJIdkhRNjFXZWpoZW11UlZlNk9xZ05pVEpqWmlMUVUxUTJScE5EUE5FY0FuMnI4eklrMU56M0lEdUt2dl9kTkxYTlZ0TERWNzYwWUdndU5KUSIsICJlIjogIkFRQUIiLCAia3R5IjogIlJTQSJ9LCAibm9uY2UiOiAiY2dCY3NBdUxxTFN6M3puVDIxMW0yOXRPQzJZZlpkMGpiejdfWFRyNm5RZ1JEbG9YeXlnIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctYWNjdCJ9",
  "signature": "JjIrjKUG23l_OCn6f9OroUhQEnvgqWMYV_PyvcaKoEyg2UVlPsaVj0h2zg7eXQpOnroe4c1hQCBdgxMQCji5CMMNRJXFt3c-YiekksLVpymci-K8hp3_qUOaD0bgaFtwkxQROSvev19fJ1_6oTazBJAhpJXxgxVR4bh_oR89EMpryv3c1zDWVuY4chdXOfn1EJhUib_MnGS5TbCWgZBSSgCQmzgCYNROA-SpfeVy3DypEbK3zAsA7GagbYiDDHhHHq1lAuXGg4QjS21_y_JZbZBJlx2Jrt1G8XhsGDLiSVToEwej4y1XNSNyaIBjS2wNLpYvsfsaCtI6qrBoxDYPGg",
  "payload": "ewogICJjb250YWN0IjogWwogICAgIm1haWx0bzptYWlsQGZhc3RsYXllci5ldSIKICBdLAogICJ0ZXJtc09mU2VydmljZUFncmVlZCI6IHRydWUKfQ"
}
2024-08-11 20:06:44,355:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-acct HTTP/1.1" 201 561
2024-08-11 20:06:44,356:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Sun, 11 Aug 2024 18:06:44 GMT
Content-Type: application/json
Content-Length: 561
Connection: keep-alive
Boulder-Requester: 1885871776
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf>;rel="terms-of-service"
Location: https://acme-v02.api.letsencrypt.org/acme/acct/1885871776
Replay-Nonce: cgBcsAuLa6PJtaLlT8i6bwLji_f1k2zGwD7C6ArZYAUgCHsKPBQ
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "key": {
    "kty": "RSA",
    "n": "oniGBnMKfpTTY4Ni15iyJneyAB7Ff5pGYXD_4A1bKCY4I-DU4aoPc7V4FwkNSgi6r7L-OeX-aSjSlC70ykoJtMWzPg3D6rUcPjc1GNuk309vP0SeZjLAnqInGoFIdeOsZ21D1mC9BKWrJ0PXOdvEly5Ab0eSZaJKsK5ZQC1OujOmthDX2axJJLFhpJo1kDQWhqWFFWpMV3L1z2GgD34wQHn1SxcR4wAZy_29koD1jNZsJofsLdsxF9TjZogbEs-Mh7_EBBHvHQ61WejhemuRVe6OqgNiTJjZiLQU1Q2RpNDPNEcAn2r8zIk1Nz3IDuKvv_dNLXNVtLDV760YGguNJQ",
    "e": "AQAB"
  },
  "contact": [
    "mailto:mail@fastlayer.eu"
  ],
  "initialIp": "185.155.223.83",
  "createdAt": "2024-08-11T18:06:44.260607733Z",
  "status": "valid"
}
2024-08-11 20:06:44,356:DEBUG:acme.client:Storing nonce: cgBcsAuLa6PJtaLlT8i6bwLji_f1k2zGwD7C6ArZYAUgCHsKPBQ
2024-08-11 20:06:46,720:DEBUG:certbot._internal.display.obj:Notifying user: Account registered.
2024-08-11 20:06:46,720:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7fb3d0152190>)>), contact=('mailto:mail@fastlayer.eu',), agreement=None, status='valid', terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1885871776', new_authzr_uri=None, terms_of_service='https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf'), 83b783c1df78fc63c0d2bd7960fdd9b3, Meta(creation_dt=datetime.datetime(2024, 8, 11, 18, 6, 44, tzinfo=<UTC>), creation_host='vault.offclkaan.de', register_to_eff='mail@fastlayer.eu'))>
2024-08-11 20:06:49,336:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for vault.offclkaan.de
2024-08-11 20:06:49,338:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0000_key-certbot.pem
2024-08-11 20:06:49,339:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0000_csr-certbot.pem
2024-08-11 20:06:49,340:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "vault.offclkaan.de"\n    }\n  ]\n}'
2024-08-11 20:06:49,341:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTg4NTg3MTc3NiIsICJub25jZSI6ICJjZ0Jjc0F1TGE2UEp0YUxsVDhpNmJ3TGppX2YxazJ6R3dEN0M2QXJaWUFVZ0NIc0tQQlEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "crUq-H9U4R_-Y9azzRutNwxHpXBFHQ8lmutg5QBIjEV90npUgZ3HpsTswRACgDcEiBfEgXZLHXzt9KGR1UkpY-WjTDKLsQlSe1AvUo1c8lGyOzVppbULs6f6w1tiQ6tCgSoP7s2JaUvVSc09_-slKUqKIoKitwTAA3pj-upE1r23mSy2qaCs4_JdE5LocUptIMvoxU6kc1QVQgjvPyYX2PAgI-h1XSMv5xiIaVBH5G-s0qebfKVeQ1hVQpmrPvvK6pjJ5GYZEU_VYDQbTdHfWLu3hF1fKTeuwtYS4-D3DhaNlt0n54o4fmLgUjtqYl7j3Zb4WM3kULBeGPYqa61FkA",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInZhdWx0Lm9mZmNsa2Fhbi5kZSIKICAgIH0KICBdCn0"
}
2024-08-11 20:06:49,521:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 324
2024-08-11 20:06:49,521:DEBUG:acme.client:Received response:
HTTP 429
Server: nginx
Date: Sun, 11 Aug 2024 18:06:49 GMT
Content-Type: application/problem+json
Content-Length: 324
Connection: keep-alive
Boulder-Requester: 1885871776
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/docs/rate-limits>;rel="help"
Replay-Nonce: cgBcsAuLWKUw2j8pYfaH5YgPvGH-AZ0TpEn7gcLodUUdccnsSls
Retry-After: 104864

{
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/",
  "status": 429
}
2024-08-11 20:06:49,521:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/lib/python3.11/contextlib.py", line 155, in __exit__
    self.gen.throw(typ, value, traceback)
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1683, in make_displayer
    yield displayer
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
    orderr = self.acme.new_order(csr_pem)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 138, in new_order
    response = self._post(self.directory['newOrder'], order)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 338, in _post
    return self.net.post(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 711, in post
    return self._post_once(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 724, in _post_once
    response = self._check_response(response, content_type=content_type)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 575, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1733, in main
    with make_displayer(config) as displayer:
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2024-08-11 20:06:49,523:ERROR:certbot._internal.log:An unexpected error occurred:
2024-08-11 20:06:49,523:ERROR:certbot._internal.log:AttributeError: can't set attribute
2024-08-11 20:07:39,729:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-08-11 20:07:39,729:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-08-11 20:07:39,729:DEBUG:certbot._internal.main:Arguments: ['--apache']
2024-08-11 20:07:39,729:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-08-11 20:07:39,733:DEBUG:certbot._internal.log:Root logging level set at 30
2024-08-11 20:07:39,733:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2024-08-11 20:07:39,766:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.61
2024-08-11 20:07:39,861:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f6c00734d50>
Prep: True
2024-08-11 20:07:39,861:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f6c00734d50> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f6c00734d50>
2024-08-11 20:07:39,861:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2024-08-11 20:07:39,905:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1885871776', new_authzr_uri=None, terms_of_service=None), 83b783c1df78fc63c0d2bd7960fdd9b3, Meta(creation_dt=datetime.datetime(2024, 8, 11, 18, 6, 44, tzinfo=<UTC>), creation_host='vault.offclkaan.de', register_to_eff='mail@fastlayer.eu'))>
2024-08-11 20:07:39,905:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-08-11 20:07:39,906:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-08-11 20:07:40,393:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-08-11 20:07:40,394:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:07:40 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert",
  "xVBNguZYcKY": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417"
}
2024-08-11 20:07:42,019:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for vault.offclkaan.de
2024-08-11 20:07:42,020:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0001_key-certbot.pem
2024-08-11 20:07:42,022:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0001_csr-certbot.pem
2024-08-11 20:07:42,022:DEBUG:acme.client:Requesting fresh nonce
2024-08-11 20:07:42,022:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-08-11 20:07:42,185:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-08-11 20:07:42,185:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:07:42 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: BbYiUXJNY9MJqMABzxdhyyuNyP2a2LU4ReSl4TpmHs9nlGHpUd0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2024-08-11 20:07:42,185:DEBUG:acme.client:Storing nonce: BbYiUXJNY9MJqMABzxdhyyuNyP2a2LU4ReSl4TpmHs9nlGHpUd0
2024-08-11 20:07:42,185:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "vault.offclkaan.de"\n    }\n  ]\n}'
2024-08-11 20:07:42,188:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTg4NTg3MTc3NiIsICJub25jZSI6ICJCYllpVVhKTlk5TUpxTUFCenhkaHl5dU55UDJhMkxVNFJlU2w0VHBtSHM5bmxHSHBVZDAiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "bsES3X-tbucWSSVqFuYC0y1yOF7BnRubrHQK4IaxGqpiGL1PyD5D0Ba-kEsVbcWMoT29Z36L5UBp2ZMAxTDNw8_Exhtpi6eywvaHuxl_PrmQDFZ8sl16G7FWFqdmol80uBhE7HnuBe9EA6ZdASJjkM1L66q1yaPNjhZ-ctw1738PNmO5FiIok76naX9rE0bpSWbg8no8imbDgVrFA9TGolfxAlR_DTuG2rOx8RYv-pyFXZm53LhfdwItN8VV4M_UpyLencQLAft6GQH3tdhxEskp0oHf1xNyQTsMzRcZr-NdTUHri4_NqbCQTCFgPw1qy2ztPFOdsq3cuQbyF2xVLw",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInZhdWx0Lm9mZmNsa2Fhbi5kZSIKICAgIH0KICBdCn0"
}
2024-08-11 20:07:42,383:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 324
2024-08-11 20:07:42,384:DEBUG:acme.client:Received response:
HTTP 429
Server: nginx
Date: Sun, 11 Aug 2024 18:07:42 GMT
Content-Type: application/problem+json
Content-Length: 324
Connection: keep-alive
Boulder-Requester: 1885871776
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/docs/rate-limits>;rel="help"
Replay-Nonce: cgBcsAuLEwiFFgMTSMiOATWr2CQQPUA6rBxuskdVW3xLOEOcM00
Retry-After: 104811

{
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/",
  "status": 429
}
2024-08-11 20:07:42,384:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/lib/python3.11/contextlib.py", line 155, in __exit__
    self.gen.throw(typ, value, traceback)
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1683, in make_displayer
    yield displayer
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
    orderr = self.acme.new_order(csr_pem)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 138, in new_order
    response = self._post(self.directory['newOrder'], order)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 338, in _post
    return self.net.post(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 711, in post
    return self._post_once(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 724, in _post_once
    response = self._check_response(response, content_type=content_type)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 575, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1733, in main
    with make_displayer(config) as displayer:
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2024-08-11 20:07:42,386:ERROR:certbot._internal.log:An unexpected error occurred:
2024-08-11 20:07:42,386:ERROR:certbot._internal.log:AttributeError: can't set attribute
2024-08-11 20:10:55,930:DEBUG:certbot._internal.main:certbot version: 2.1.0
2024-08-11 20:10:55,930:DEBUG:certbot._internal.main:Location of certbot entry point: /usr/bin/certbot
2024-08-11 20:10:55,931:DEBUG:certbot._internal.main:Arguments: ['--apache']
2024-08-11 20:10:55,931:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2024-08-11 20:10:55,935:DEBUG:certbot._internal.log:Root logging level set at 30
2024-08-11 20:10:55,935:DEBUG:certbot._internal.plugins.selection:Requested authenticator apache and installer apache
2024-08-11 20:10:55,967:DEBUG:certbot_apache._internal.configurator:Apache version is 2.4.61
2024-08-11 20:10:56,060:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * apache
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f78cd20cc10>
Prep: True
2024-08-11 20:10:56,061:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f78cd20cc10> and installer <certbot_apache._internal.override_debian.DebianConfigurator object at 0x7f78cd20cc10>
2024-08-11 20:10:56,061:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator apache, Installer apache
2024-08-11 20:10:56,104:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/1885871776', new_authzr_uri=None, terms_of_service=None), 83b783c1df78fc63c0d2bd7960fdd9b3, Meta(creation_dt=datetime.datetime(2024, 8, 11, 18, 6, 44, tzinfo=<UTC>), creation_host='vault.offclkaan.de', register_to_eff='mail@fastlayer.eu'))>
2024-08-11 20:10:56,105:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2024-08-11 20:10:56,105:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2024-08-11 20:10:56,495:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 746
2024-08-11 20:10:56,495:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:10:56 GMT
Content-Type: application/json
Content-Length: 746
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "QlRHmQrHBFA": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.4-April-3-2024.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "renewalInfo": "https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-03/renewalInfo",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2024-08-11 20:10:57,727:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for vault.offclkaan.de
2024-08-11 20:10:57,729:DEBUG:certbot.crypto_util:Generating ECDSA key (2048 bits): /etc/letsencrypt/keys/0002_key-certbot.pem
2024-08-11 20:10:57,731:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0002_csr-certbot.pem
2024-08-11 20:10:57,731:DEBUG:acme.client:Requesting fresh nonce
2024-08-11 20:10:57,731:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2024-08-11 20:10:57,860:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2024-08-11 20:10:57,861:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Sun, 11 Aug 2024 18:10:57 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: bXG0Ugg-m-ytoE_sGljGbZRJbq3F7eA3SToKnxyF74EPxcufsfA
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2024-08-11 20:10:57,861:DEBUG:acme.client:Storing nonce: bXG0Ugg-m-ytoE_sGljGbZRJbq3F7eA3SToKnxyF74EPxcufsfA
2024-08-11 20:10:57,861:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "vault.offclkaan.de"\n    }\n  ]\n}'
2024-08-11 20:10:57,863:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTg4NTg3MTc3NiIsICJub25jZSI6ICJiWEcwVWdnLW0teXRvRV9zR2xqR2JaUkpicTNGN2VBM1NUb0tueHlGNzRFUHhjdWZzZkEiLCAidXJsIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL25ldy1vcmRlciJ9",
  "signature": "CpQcTkd_wlR-f5TR1sllJoOR0i0EtvxlJL7kXS1fH8erfBAYgEqFojWx8J3GXTLDIF7_crFNFQ1VWOgV4_7bECWtZtm24wuGfubxGOBydYQFIEyFq9w39iJkYL3G-8G8aIaYnHok_qgukPDVIfrK5KDa2Zr4cXZx7TVQ15H48GDTaJQDrGm0T8KKtLSn8VbbaSk4n5gos0TLhK3Et_xz-AEa1SAxyleFayJL4wCBsZL3hXkCZlhUbeyk2FYIetyLcipcV8-tPD5LMnmYmhmr_TSyXRqYhRBNSHKlXY5p6e0bXCWJCP459TkTP4IQVEMiQSm0CI7UJ_gEqouSsPSoDQ",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogInZhdWx0Lm9mZmNsa2Fhbi5kZSIKICAgIH0KICBdCn0"
}
2024-08-11 20:10:58,014:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 429 324
2024-08-11 20:10:58,014:DEBUG:acme.client:Received response:
HTTP 429
Server: nginx
Date: Sun, 11 Aug 2024 18:10:57 GMT
Content-Type: application/problem+json
Content-Length: 324
Connection: keep-alive
Boulder-Requester: 1885871776
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index", <https://letsencrypt.org/docs/rate-limits>;rel="help"
Replay-Nonce: hgpogSPu7jM3DcdDT8seuy16WJIOSSfVR4Ixlxq3-erIxhn5oGM
Retry-After: 104615

{
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/",
  "status": 429
}
2024-08-11 20:10:58,014:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "/usr/lib/python3.11/contextlib.py", line 155, in __exit__
    self.gen.throw(typ, value, traceback)
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1683, in make_displayer
    yield displayer
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1736, in main
    return config.func(config, plugins)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1440, in run
    new_lineage = _get_and_save_cert(le_client, config, domains,
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 138, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 516, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 428, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/client.py", line 478, in _get_order_and_authorizations
    orderr = self.acme.new_order(csr_pem)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 138, in new_order
    response = self._post(self.directory['newOrder'], order)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 338, in _post
    return self.net.post(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 711, in post
    return self._post_once(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 724, in _post_once
    response = self._check_response(response, content_type=content_type)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/acme/client.py", line 575, in _check_response
    raise messages.Error.from_json(jobj)
acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: vault.offclkaan.de, retry after 2024-08-12T23:14:33Z: see https://letsencrypt.org/docs/duplicate-certificate-limit/

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/bin/certbot", line 33, in <module>
    sys.exit(load_entry_point('certbot==2.1.0', 'console_scripts', 'certbot')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/main.py", line 19, in main
    return internal_main.main(cli_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certbot/_internal/main.py", line 1733, in main
    with make_displayer(config) as displayer:
  File "/usr/lib/python3.11/contextlib.py", line 188, in __exit__
    exc.__traceback__ = traceback
    ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/josepy/util.py", line 191, in __setattr__
    raise AttributeError("can't set attribute")
AttributeError: can't set attribute
2024-08-11 20:10:58,016:ERROR:certbot._internal.log:An unexpected error occurred:
2024-08-11 20:10:58,016:ERROR:certbot._internal.log:AttributeError: can't set attribute
3

How do you do? I have a problem with CertBot. I have tried at least 10 times today and reinstalled my server again and again, but unfortunately without success. How can I finally install Certbot? I get this error message all the time.

grafik
grafik1494×262 21.8 KB

Please help

4

The first thing is to update your version of Certbot. Version 2.3 fixed a bug which looks exactly like what you show: Certbot 2.3.0 Release

The current version is 2.11

This bug just prevents showing why the cert request failed. So, something else is failing too. But, it will be very helpful to know the original reason for failing once you update.

The Certbot team recommend using the snap install so that it stays updated. You can follow the instructions for Debian 10

3 Likes
5

From the log in the first reply:

:wink:

I believe the AttributeError only is an issue when there's an error from the ACME server.. So this would mean OP has gotten 5 perfectly fine certificates before running into the AttributeError..

@offclkaan Please use one of the previously issued 5 certificates, thank you.

2 Likes
6

I cannot update my Certbot.

And I wasn't issued a certificate at all, otherwise it would have worked straight away. I got the same error messages every time.

7

Ah, yes.

The underlying problem is probably related to this failure using HTTPS. HTTP works fine

curl -i https://vault.offclkaan.de
curl: (35) error:0A00010B:SSL routines::wrong version number

curl -I http://vault.offclkaan.de
HTTP/1.1 200 OK
Date: Sun, 11 Aug 2024 18:44:00 GMT
Server: Apache/2.4.61 (Debian)

A little surprised to see such an error when using --apache plugin.

We should probably look at this output

sudo apache2ctl -t -D DUMP_VHOSTS
3 Likes
8

grafik
grafik826×143 12.6 KB

9

You definitely got 5 certs for vault already. Please see output of sudo certbot certificates

image
image2223×390 105 KB

3 Likes
10

This is not the first time I have installed Bitwarden and Vaultwarden. I also know how to install Certbot, but today was the first time I had such a problem. And I don't know what the problem is...

11

grafik
grafik805×133 5.81 KB

12

Well, Let's Encrypt issued 5 certificates in the time span of just 10 minutes: crt.sh | vault.offclkaan.de

But there's something else weird going on in your log:

It's registering a new account.. But why would Certbot do that?

Is the directory /etc/letsencrypt/ ephemeral for some reason perhaps?

1 Like
13

I have reinstalled the server.

14

Before or after you got 5 certs between Aug 11 14:28:38 2024 GMT and Aug 11 14:38:33 2024 GMT?

2 Likes
15

I have installed my server a few times today. And there was always the same error message. Today I could not install it at all. At crt.sh you can also see that I also had normal certificates at that time, but today 5x it can be yes, but none of it showed me or worked.

16

Well, you are at your limit of certs per week for that exact domain name. You could get a cert from another Certificate Authority until you can get more from Let's Encrypt. Or, maybe try the work-around suggested here: Duplicate Certificate Limit - Let's Encrypt

You were not having a problem getting a cert. You were having a problem configuring Apache to use it. It might be related to the problem in your Apache config that you have two VirtualHosts for the same domain name and port. While Apache will start with those settings you won't get the correct result. And, this could interfere with Certbot configuring your VirtualHost for port 443.

image
image2376×333 106 KB

3 Likes
17

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.