Ipv6 only host certificates

Hi,

updating a Debian stretch ipv6 only host certificate fails with

root@home:~# dig home.bokomoko.de -t AAAA

; <<>> DiG 9.10.3-P4-Debian <<>> home.bokomoko.de -t AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14501
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;home.bokomoko.de. IN AAAA

;; ANSWER SECTION:
home.bokomoko.de. 299 IN AAAA 2a02:8070:8982:aa00:d263:b4ff:fe00:325c

;; Query time: 138 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Feb 20 22:39:21 CET 2018
;; MSG SIZE rcvd: 73

root@home:~# dig home.bokomoko.de -t A

; <<>> DiG 9.10.3-P4-Debian <<>> home.bokomoko.de -t A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46412
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;home.bokomoko.de. IN A

;; AUTHORITY SECTION:
bokomoko.de. 1799 IN SOA ns.bokomoko.de. root.bokomoko.de. 20171473 10800 3600 604800 86400

;; Query time: 197 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Feb 20 22:39:26 CET 2018
;; MSG SIZE rcvd: 89

root@home:~# letsencrypt renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/home.bokomoko.de.conf

Cert is due for renewal, auto-renewing…
Plugins selected: Authenticator apache, Installer apache
Renewing an existing certificate
Attempting to renew cert (home.bokomoko.de) from /etc/letsencrypt/renewal/home.bokomoko.de.conf produced an unexpected error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/home.bokomoko.de/fullchain.pem (failure)


All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/home.bokomoko.de/fullchain.pem (failure)

1 renew failure(s), 0 parse failure(s)
root@home:~# letsencrypt --version
certbot 0.21.1
root@home:~#

Any idea what may went wrong is welcome…

Thanks
Rainer

This is not the underlying reason for the failure; it means that you tried too many attempts that all failed for a different reason. If you wait an hour and try again, you can find out the real reason for the failure. (It should also be in your logs in /var/log/letsencrypt if you want to look it up.)

1 Like

Interesting. This morning I get on the first run

root@home:~# letsencrypt renew
Saving debug log to /var/log/letsencrypt/letsencrypt.log


Processing /etc/letsencrypt/renewal/home.bokomoko.de.conf

Cert not yet due for renewal


The following certs are not due for renewal yet:
/etc/letsencrypt/live/home.bokomoko.de/fullchain.pem (skipped)
No renewals were attempted.

root@home:~#

Seems yesterday it run through…

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.