Error creating new order

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: arkfantazi.ru

I ran this command: using the plugin trying to issue a certificate (win-acme.v2.2.2.1449.x64.pluggable)

It produced this output: Plugin IIS generated source arkfantazi.ru with 1 identifiers
Plugin Single created 1 order
Cached order has status invalid, discarding
Failed to create order: Error creating new order :: too many failed authorizations recently: see Failed Validation Limit - Let's Encrypt

My web server is (include version):

The operating system my web server runs on is (include version): WinServer2016(latest update)

My hosting provider, if applicable, is: on your own

I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
IIS
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

The problem is just what it says: you've had too many failed attempts to validate your domain recently (within the past hour IIRC; the rate limits page will tell you). But that doesn't tell you why they failed. Earlier logs may tell you that.

Ie I need to wait for some time and try again?

A simple Windows ACMEv2 client (WACS)
Software version 2.2.2.1449 (release, pluggable, standalone, 64-bit)
Connecting to https://acme-v02.api.letsencrypt.org/...
Connection OK!
Scheduled task points to different location for .exe and/or working directory
Scheduled task exists but does not look healthy
Please report issues at GitHub - win-acme/win-acme: A simple ACME client for Windows (for use with Let's Encrypt et al.)

N: Create certificate (default settings)
M: Create certificate (full options)
R: Run renewals (0 currently due)
A: Manage renewals (0 total)
O: More options...
Q: Quit

Please choose from the menu: n

Running in mode: Interactive, Simple

Please select which website(s) should be scanned for host names. You may
input one or more site identifiers (comma-separated) to filter by those
sites, or alternatively leave the input empty to scan all websites.

1: arkfantazi.ru (1 binding)

Site identifier(s) or to choose all: 1

1: arkfantazi.ru (Site 1)

Listed above are the bindings found on the selected site(s). By default all
of them will be included, but you may either pick specific ones by typing the
host names or identifiers (comma-separated) or filter them using one of the
options from the menu.

P: Pick bindings based on a search pattern
A: Pick all bindings

Binding identifiers(s) or menu option: a

1: arkfantazi.ru (Site 1)

Continue with this selection? (y*/n) - yes

Source generated using plugin IIS: arkfantazi.ru

Plugin IIS generated source arkfantazi.ru with 1 identifiers
Plugin Single created 1 order
Cached order has status invalid, discarding
Failed to create order: Error creating new order :: too many failed authorizations recently: see Failed Validation Limit - Let's Encrypt

Create certificate failed, retry? (y/n*)

this is what the plugin shows

Plugin IIS generated source arkfantazi.ru with 1 identifiers
Plugin Single created 1 order
Cached order has status invalid, discarding
[arkfantazi.ru] Authorizing...
[arkfantazi.ru] Authorizing using http-01 validation (SelfHosting)
[arkfantazi.ru] Authorization result: invalid
[arkfantazi.ru] {"type":"urn:ietf:params:acme:error:connection","detail":"91.245.37.241: Fetching http://arkfantazi.ru/.well-known/acme-challenge/5JXEABWNfxmA_6m5FAV1T_E9B5jolomtW3mttuMYsEY: Connection refused","status":400,"instance":null}
[arkfantazi.ru] Deactivating pending authorization

now gave it out

So there's your problem--your server, or something upstream of your server (perhaps your firewall, or your ISP), is refusing connections on port 80. You'll need to correct that before you'll be able to obtain a cert this way.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.