I am getting ssl error my configtest is ok ubuntu

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.evdodepotusa.com

I ran this command: certbot renew --dry-run

It produced this output:


Processing /etc/letsencrypt/renewal/evdodepotusa.com-0001.conf


Simulating renewal of an existing certificate for evdodepotusa.com
Failed to renew certificate evdodepotusa.com-0001 with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.


Processing /etc/letsencrypt/renewal/evdodepotusa.com.conf


Simulating renewal of an existing certificate for evdodepotusa.com and www.evdodepotusa.com
Failed to renew certificate evdodepotusa.com with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.


Processing /etc/letsencrypt/renewal/www.evdodepotusa.com.conf


Simulating renewal of an existing certificate for www.evdodepotusa.com
Failed to renew certificate www.evdodepotusa.com with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.


All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/evdodepotusa.com-0001/fullchain.pem (failure)
/etc/letsencrypt/live/evdodepotusa.com/fullchain.pem (failure)
/etc/letsencrypt/live/www.evdodepotusa.com/fullchain.pem (failure)


3 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): Ubuntu 22.04 [Apache2]

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is: AWS (Amazon Web Service)

I can login to a root shell on my machine (yes or no, or I don't know) yes:

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.21.0

Hello @raowaqarali, welcome to the Let's Encrypt community. :slightly_smiling_face:

Using this online tool Let's Debug Toolkit shows results here https://tools.letsdebug.net/cert-search?m=domain&q=evdodepotusa.com&d=168 of "Duplicate Certificates evdodepotusa.com, www.evdodepotusa.com 4 of 5 weekly certificates."

Please use caution as testing and debugging are best done using the Staging Environment as the Rate Limits are much higher. Rate Limits are per week (rolling).

1 Like

Supplemental information, it seem you are running Apache

$ curl -I http://www.evdodepotusa.com/.well-known/acme-challenge/letsdebug-test
HTTP/1.1 404 Not Found
Date: Mon, 19 Dec 2022 16:29:52 GMT
Server: Apache/2.4.54 (Ubuntu)
Content-Type: text/html; charset=iso-8859-1
1 Like

yes i am running apache2 i had errors in ssl than now its giving me
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel): www.evdodepotusa.com,evdodepotusa.com
Requesting a certificate for www.evdodepotusa.com and evdodepotusa.com
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: evdodepotusa.com,www.evdodepotusa.com, retry after 2022-12-21T00:01:10Z: see Duplicate Certificate Limit - Let's Encrypt
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

can you please help iin this

Kindly wait for more knowledgeable Let's Encrypt community volunteers to assist.

1 Like

You must be repeating a broken process.
Let's see what certs you do have, with:
certbot certificates

2 Likes

It seems that your Apache configuration has been altered since your last renewal.
Let's have a look at that, with:
apachectl -t -D DUMP_VHOSTS

2 Likes

apachectl -t -D DUMP_VHOSTS
VirtualHost configuration:

and yes i was trying to reinstall the certificates to my instance

its returning no value

???

Please also try it with sudo:
sudo apachectl -t -D DUMP_VHOSTS

[and make sure you are connected to the server where you need the certificate]

2 Likes

root@ip-172-31-23-200:/etc/apache2/sites-available# ^C
root@ip-172-31-23-200:/etc/apache2/sites-available# sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration

this is what i am getting

Are you on the right system?
Please show:
curl -4 ifconfig.co
curl -4 ifconfig.io
[either one will work]

And:

2 Likes

root@ip-172-31-23-200:/etc/apache2/sites-available# curl -4 ifconfig.co

Just a moment...

ifconfig.co

Checking if the site connection is secure

Enable JavaScript and cookies to continue
ifconfig.co needs to review the security of your connection before proceeding.
<div class="footer" role="contentinfo">
    <div class="footer-inner">
        <div class="clearfix diagnostic-wrapper">
            <div class="ray-id">Ray ID: <code>77c1fa8a5e87e823</code></div>
        </div>
        <div class="text-center">Performance &amp; security by <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=j" target="_blank">Cloudflare</a></div>
    </div>
</div>
root@ip-172-31-23-200:/etc/apache2/sites-available#

this is what i got

Please try the other site then:
curl -4 ifconfig.io

AND

2 Likes

root@ip-172-31-23-200:/etc/apache2/sites-available# curl -4 ifconfig.io
3.140.203.25
root@ip-172-31-23-200:/etc/apache2/sites-available#

its returned this

That IP does match the DNS resolve for the name:

Name:    evdodepotusa.com
Address: 3.140.203.25
Aliases: www.evdodepotusa.com

So, you should be at the right system.

What shows?:

2 Likes

Side note presently Rate Limits are in effect.

2 Likes

My first post [#6] covered that:

2 Likes

what is solution for this can you please guide me

You can start by reading my posts completely.
I've now asked more than four times for you to show the output of:
certbot certificates

4 Likes