I need help installing one of the many certificates I've acquired

Currently, I am not authenticated with the following error. I don't want to wait 168 hours. What should i do?

"There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: hasuda.biz:"

@moai Welcome to the community

The short answer is you could use 1 of the 5 certificates you already issued today. See your history at: crt.sh | hasuda.biz

You could also try issuing a cert with both your apex and www names like you did before. The rate limit is for exact same names in cert.

If you are testing something new, I recommend using --dry-run or --test-cert until you have that working.

3 Likes

Can I say the same if I try:

certbot certonly --webroot -w /var/www/html/ -d hasuda.biz

Thank you for your advice.

@moai No, you already created 5 with that name. You would have to add -d www.hasuda.biz. As long as your server still responds to that name and your DNS does too.

Make sure to add --dry-run while testing

3 Likes

I tried it as follows. Seems like a failure.
Is the usage of the --dry-run option correct?

certbot certonly --dry-run --webroot -w /var/www/html/ -d www.hasuda.biz

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Starting new HTTPS connection (1): acme-staging-v02.api.letsencrypt.org
Account registered.
Simulating a certificate request for www.hasuda.biz
Performing the following challenges:
http-01 challenge for www.hasuda.biz
Using the webroot path /var/www/html for all unmatched domains.
Waiting for verification...
Challenge failed for domain www.hasuda.biz
http-01 challenge for www.hasuda.biz
Cleaning up challenges
Some challenges have failed.

Certainly, I think that I have also tried www by adding -d.

2 Likes

With port 80 being closed for both hasuda.biz and www.hasuda.biz, there is no way an HTTP-01 challenge will succeed.

https://www.yougetsignal.com/tools/open-ports/

1 Like

I had meant for you to add -d www.hasuda.biz to create a similar cert that you had before (see the crt.sh history I posted earlier).

Like:
certbot certonly --webroot -w /var/www/html/ -d hasuda.biz -d www.hasuda.biz

That would be a cert with a new name and restart your 5/week limit.

But, as @griffin points out, your website cannot be reached. You will need to sort that out before using --webroot

3 Likes

Port 80 is open, so it's likely that it's different from the one to which the IP address is assigned. Check and try again. Thank you very much.

2 Likes

Still closed.

Is this the correct IP address?

122.249.120.41

2 Likes

thank you very much.

2 Likes

I may have made a mistake. One moment, please. confirm.

2 Likes

There is a response from that IP...
But it isn't serving anything for the names: hasuda.biz & www.hasuda.biz

We should have a look at these outputs:
certbot certificates
sudo apachectl -t -D DUMP_VHOSTS
curl -4 ifconfig.co

2 Likes

I'm sorry to make you worry.
Now I've used the IP correctly, configured it, and authenticated.
Thank you very much.

2 Likes

122.249.120.41 was the correct address. However, it seems that the settings before asking for my authentication were incorrect.
Now it is authenticated without any problem and the operation is stable. Thank you very much.

2 Likes

It was exactly what you said. My settings were wrong.
Now it's working fine.
Thank you very much.

3 Likes