Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:files.fpwprojects.vn
I ran this command:I have renewed SSL for nasynology but got error on NPM
It produced this output: Failed to renew certificate npm-7 with error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Your account is temporarily prevented from requesting certificates for files.fwprojects.vn and possibly other
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is nasynology
I can login to a root shell on my machine (yes or no, or I don't know):i don't know
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):yes, i manager ngix proxy for docker and run for web
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
I am not certain which rate limit is restricting you. It is an unusual one
We will need to see the entire Certbot log. NPM uses Certbot to request certs and NPM has not shown the entire message. The log will have the complete message we need to know what is happening.
My first guess is you are affected by the "Zombie" client check. This ensures a failing client cannot keep requesting certs forever and wasting Let's Encrypt resources. In this case the error shows a URL you must follow to unpause your account. See: How We Reduced the Impact of Zombie Clients - Let's Encrypt
The other option is you are making far too many requests too quickly. See: Rate Limits - Let's Encrypt In this case the full error will state more details including when you can try to get another cert. Of course, you also need to fix whatever is causing you to make too many requests if this is the rate limit involved. I don't think this is likely in a typical NPM setup but it may be possible. Maybe if you are managing a large number of certificates in one NPM setup.
Your cert history for that domain is below. It looks like it should have renewed around Jun13 per your prior pattern. So, you maybe have been trying very frequently since then and failing which activated the "zombie" restriction. This is my best guess.
It seems not because of my nasynology, I have a domain pointing to it that has been granted a cert, but files.fpwprojects.vn has not, I think I have been blocked by the zombie blocking mechanism.
i checked each part about port 80 and 443 from wan ip address, everything is ok, next i caught api from web to determine the main error and i found out it seems i have been blocked by zombie mechanism since july, yesterday i tried to recreate but still not feasible and not fixed
NPM configures your system for you. There are usually many different things it manages - containers, servers, communication, cert requests ...
When something goes wrong it can be very difficult to debug. You should ask the NPM experts at their forum. The NPM system does not make it easy to find the needed info (like the log files).
How do you know that the "zombie" pause is active for your account?
Because it takes a very large number of consecutive failures to get paused as described here: Rate Limits - Let's Encrypt
If this is your only domain your failures would not have started until around Jun 13 (60d after your prior good cert). To get paused in mid-July would mean you failed 40 times each day for 30 days in a row. To attempt and fail 40 times per day is far too many requests and very poor practice. If that was happening be sure to fix that too.
It could also be that npm auto-renewed in mid-July and had an error that couldn't get the cert and this renewal was repeated many times, I didn't track it until today I discovered it, I removed it and haven't been able to get the cert back, all I can do now is wait, right?
If you are paused then waiting won't help. Please read the rate limit page I linked previously. You still haven't shown an exact error message. I can't say anything specific without that.
