Hey all,
yesterday I set a new A record for a domain (prost-mahlzeit.de). I also set same A record for www of that domain.
Just as I always do.
Waited a little, then tried to use le script to issue an ssl cert, just like I always do. And usually it works fine, unless I accidently mistype in my A records.
But with this domain, it just doesnt work.
I checked using dnschecker.org if the new routing has already propagated, used dig in my console and it seems to be resolving to the desired IP - for www and non www.
I tried again this morning, because I thought, ok maybe this domain just needs a little bit more time or something. But same result: unable to verify www resolution.
Hm, so I went back to my DNS settings, and changed setup a little removing the A record for www.prost-mahlzeit.de and instead adding a CNAME entry which resolves to prost-mahlzeit.de
I am using another Domain on same server with exactly this setup and there is no issue running letsencrypt for that domain. It is the only Domain which is setup with cname for www version instead of separate A record.
I thought, I’d give it a try, if le just doesnt want to see my A record for www, but same result. I can’t get le to issue a cert for that domain. pulling my hair out. Is this some kind of cache issue on le side of ways?
Is there a way to push a cache clear request for a certain domain towards le system?
EDIT: ok and now I am seeing a new message from le in my console:
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
lol. thanks bot! I tried it about 26 times over the last 24 hours - so roughly tried it once per hour. Why is this too much? DNS is set correctly. I can’t help if you are using cached values, you bot. TTL is set to 1hour hostwise; so why should I not try roughly once per hour??