Error: LetsEncrypt challenge request 429

I read many posts about this Error: LetsEncrypt challenge request 429 and couldn’t find any solution.

I bought this domain on 1and1 now it’s merged with IONOS. The problem was a simple one. All you need to do is go to your domain control panel and delete AAA record that points to IPv6 address to 1and1 server.
Just make sure all whats left are your A type records that point to your IPv4 address.


My domain is: enzymaticcleaner.co.uk

Hi @popthewebsite

your website has a curious thing (checked with https://check-your-website.server-daten.de/?q=enzymaticcleaner.co.uk ):

Domainname Http-Status redirect Sec. G
http://enzymaticcleaner.co.uk/
94.237.57.13 301 https://enzymaticcleaner.co.uk/ 0.184 A
http://www.enzymaticcleaner.co.uk/
94.237.57.13 301 https://www.enzymaticcleaner.co.uk/ 0.200 A
https://www.enzymaticcleaner.co.uk/
94.237.57.13 301 https://enzymaticcleaner.co.uk/ 1.407 B
https://enzymaticcleaner.co.uk/
94.237.57.13 200 1.876 B
http://enzymaticcleaner.co.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
94.237.57.13 200 0.064
Visible Content: check-your-website-dot-server-daten-dot-de.mwaip3AQB6pGMyCtF826W6VTGIcgxg_ilPPkWrAQHJA
http://www.enzymaticcleaner.co.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
94.237.57.13 200 0.057
Visible Content: check-your-website-dot-server-daten-dot-de.mwaip3AQB6pGMyCtF826W6VTGIcgxg_ilPPkWrAQHJA

The first four entries are very good, three redirects, one http status 200, one preferred https version.

But if you use http-01 validation, your client creates a file in /.well-known/acme-challenge, Letsencrypt checks that file.

So the expected answer (unknown file): Http status 404 - Not found.

But your website sends a file with

check-your-website-dot-server-daten-dot-de.mwaip3AQB6pGMyCtF826W6VTGIcgxg_ilPPkWrAQHJA

as content. So it uses the filename, adds a dot and - a hashed value of the public key. The key may be your Letsencrypt account key. Or the key of your hoster.

How do you create a new certificate?

Hi, I just usually recreate a new one using my vestaCP.

Ah, looks like vestaCP creates that answer.

And now you have a new certificate:

CN=enzymaticcleaner.co.uk
	05.03.2019
	03.06.2019
expires in 89 days	enzymaticcleaner.co.uk, 
www.enzymaticcleaner.co.uk - 2 entries

and a good Grade B. So both connections (non-www and www) are secure, you don’t have http content and there is one preferred version.

If the renew works next time, perhaps add the HSTS (Strict Transport Security) - header.

Thanks JuergenAuer :slight_smile:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.