Error creating new order :: too many failed authorizations recently

I was trying to renew the domain certificate but the following error came out:

Certbot failed to authenticate some domains (authenticator: apache). The Certifi cate Authority reported these problems:
Domain: www.alarmarltda.com
Type: connection
Detail: 201.184.143.219: Fetching http://www.alarmarltda.com/.well-known/acme- challenge/KWJjNUUjmDMh7NQB7GyzgFMQrrQO9SXE_rqygiT7cqU: Error getting validation data

Hint: The Certificate Authority failed to verify the temporary Apache configurat ion changes made by Certbot. Ensure that the listed domains point to this Apache server and that it is accessible from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See t he logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for mo re details.

Then I tried again and I get the following:Error creating new order :: too many failed authorizations recently: see https:/ /letsencrypt.org/docs/failed-validation-limit/
Ask for help or search for solutions at https://community.letsencrypt.org. See t he logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for mo re details.

My domain is: www.alarmarltda.com

I ran this command:certbot

I can login to a root shell on my machine (yes or no, or I don't know):yes

Hello @bcastrillon18, welcome to the Let's Encrypt community.

Best Practice - Keep Port 80 Open

The HTTP-01 challenge of the Challenge Types - Let's Encrypt requires access to Port 80.

Using the online tool https://letsdebug.net/ yields these results https://letsdebug.net/www.alarmarltda.com/1484807

ANotWorking
ERROR
www.alarmarltda.com has an A (IPv4) record (201.184.143.219) but a request to this address over port 80 did not succeed. Your web server must have at least one working IPv4 or IPv6 address.
Get "http://www.alarmarltda.com/.well-known/acme-challenge/letsdebug-test": dial tcp 201.184.143.219:80: connect: no route to host

Trace:
@0ms: Making a request to http://www.alarmarltda.com/.well-known/acme-challenge/letsdebug-test (using initial IP 201.184.143.219)
@0ms: Dialing 201.184.143.219
@3146ms: Experienced error: dial tcp 201.184.143.219:80: connect: no route to host

IssueFromLetsEncrypt
ERROR
A test authorization for www.alarmarltda.com to the Let's Encrypt staging service has revealed issues that may prevent any certificate for this domain being issued.
201.184.143.219: Fetching http://www.alarmarltda.com/.well-known/acme-challenge/1TrExvws21KJeKg0tWiOq37PY50cVX9b1QxBDgtpL-Q: Error getting validation data

$ nmap -Pn -p80,443 www.alarmarltda.com
Starting Nmap 7.80 ( https://nmap.org ) at 2023-05-17 21:29 UTC
Nmap scan report for www.alarmarltda.com (201.184.143.219)
Host is up.
rDNS record for 201.184.143.219: static-adsl201-184-143-219.une.net.co

PORT    STATE    SERVICE
80/tcp  filtered http
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 3.08 seconds

And for limits see:

• Rate Limits - Let's Encrypt
• Duplicate Certificate Limit - Let's Encrypt

Testing and debugging are best done using the Staging Environment.

To assist with debugging there is a great place to start is Let's Debug.

This most often means "actively blocked by a firewall or router".

Exactly %

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.