Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: wingarmac.org
I ran this command: root@ubserv:/var/www/public_html2# certbot certonly --dns-route53 -d ubserv.wingarmac.org
It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for ubserv.wingarmac.org
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see Failed Validation Limit - Let's Encrypt
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
I ran this command: root@ubserv:/var/www/public_html2# cat /var/log/letsencrypt/letsencrypt.log | nc termbin.com 9999
It produced this output: https://termbin.com/bg0us
My web server is (include version): Bind9, Wireguard, Apache2 and Webmin for wich I would like a certificate for each host part of my VPN
The operating system my web server runs on is (include version): Ubuntu server 22.04 Jammy Jellyfish
Domain names hostings:
wingarmac.org (easyhost.be pointing my fixed public IP)
wingarmac.com (Google domains pointing my fixed public IP)
wingarmac.org is for VPN DNS forwarding and host names
with the both servers at:
ubserv.wingarmac.org (ns1) (VPN IP 10.5.5.1)
ubcynt.wingarmac.org (ns2) VPN IP 10.5.5.2)
wingarmac.com are registered the lan IPs of my both bind split horizon DNS servers ns1.wingarmac.com (192.168.1.10) and ns2.wingarmac.com (192.168.1.20)
I can login to a root shell on my machine (yes or no, or I don't know):
ubcynt and ubserv are my own servers at home.
ubcynt is installed with Cinnamon desktop and SSH to ubserv for setting up above webmin that should also be installed on all futur VPN hosts of my private network.
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): NO, only have set the domain to point my public IP on each respective dashboard (Google and Easyhost)
I could get the cert for wingarmac.org but not for my host names.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 1.21.0
I do not require webhosting, and rather wouldn't have a webpage. I only installed Apache in order to be able to cert my entire domain and eventualy for login options to the VPN hosts later, if I need to use it after all.
all my devices can ping to eachother using their FQDN and give results with dig and nslookup. Some applications uses 127.0.0.1 and need to be set to use my own DNS so these could find my hosts with their names.
I think something might be wrong with the settings in bind after all. but since my local servers can reach eachother and my mobile can't when on the VPN reach by name my servers, only by VPN IP.
This last was resolved by using default dns in the Chrome security settings. so it uses the dns provided by the VPN connection instead of Google's open DNS that was set before.