Error Finalizing order

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:nerdnightlax.cocm

I ran this command:certbot certonly --cert-name nerdnightlax.com -d book.nerdnightlax.com,download.nerdnightlax.com,movies.nerdnightlax.com,nerdnightlax.com,plex.nerdnightlax.com,status.nerdnightlax.com,tv.nerdnightlax.com,guac.nerdnightlax.com,riotweb.nerdnightlax.com,next.nerdnightlax.com,pass.nerdnightlax.com,riot.nerdnightlax.com,git.nerdnightlax.com

It produced this output:
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] cannot load certificate “/etc/letsencrypt/live/nerdnightlax.com/fullchain.pem”: BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’/etc/letsencrypt/live/nerdnightlax.com/fullchain.pem’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed

How would you like to authenticate with the ACME CA?

1: Nginx Web Server plugin (nginx) [Misconfigured]
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)

Select the appropriate number [1-3] then [enter] (press ‘c’ to cancel): 2
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
An unexpected error occurred:
The server experienced an internal error :: Error finalizing order
Please see the logfiles in /var/log/letsencrypt for more details.
root@NS-NGINX:/etc/nginx/sites-available#

My web server is (include version):nginx/1.16.1

The operating system my web server runs on is (include version):ubuntu 18.0.4

My hosting provider, if applicable, is:NA

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):cannot get that command

There seems to be issues that lets encrypt are aware of: https://letsencrypt.status.io
Would wait till the site shows clear before trying again!

i want to run a scenario past you. if my nginx -t will not work due to the certs not being present in the directive can i still manually run certbot? in troubleshooting i removed the certs with the expectation certbot would generate new ones.

Hi @bahrdlaxwi

that's

always wrong. Never delete certificates if you don't have a working configuration.

There are rate limits.

And now, Letsencrypt has an interruption -> you have a problem.

well i will restore to last nights backup and wait for the service disruption to clear. Sounds like my best option correct ?

Yeah same here. Stagging is working. acme production enpoint seems to be down.
The status at https://letsencrypt.status.io/ confirms this. seems they are working on a fix.

Is there anyway to have my rate limit reset ? due to this issue this morning i am not blocked and my services wont get a new cert for a week if i read the rate-limit doc

Please see the update here The server experienced an internal error :: Error finalizing order

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.