Here already I specify I am quite a novice despite some knowledge. And I'm French so I translate everything with Google Translate.
I have a QNAP TS-251A NAS connected to my ASUS AC68U main router which is itself connected to my Freebox in Bridge mode.
I used to use Asus DDNS on the router with Let’s Encrypt SSL certificate. But I don't know why, this one is not renewed. After several attempts and re-creations of Asus DDNS, I am unable to achieve the Let’s Encrypt certification. I absolutely need this one so that my Google Home can access my Jeedom home automation server.
So I gave up the Asus DDNS in order to use the one on my NAS. But I have the same problem, the DDNS was created fine but the Let’s Encrypt certifications, no.
Do you have any idea what the problem is and can you please help me?
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
is there a possibility to cancel this certificate to start over ?
I ask this because on my router does not want to know anything it seems to be blocked at the level of the Let's encrypt certificate, but the DDNS works without the certificate.
I would think that the Freebox may need to terminate the TLS connections now.
If that is not the case, and/or it doesn't resolve your problem, please answer all of the questions shown above so that we can provide you with the best possible help.
I ran this command: I recreated the same domain name on my router to resolve the problem, but it didn't change anything. I tried to create another domain name but nothing changed either
It produced this output: I have a status showing "allow" but the update and expiration dates do not appear
My web server is (include version): asuscomm.com on my Asus AC68U router
The operating system my web server runs on is (include version): asuscomm.com on my Asus AC68U router
My hosting provider, if applicable, is: asuscomm.com
I can login to a root shell on my machine (yes or no, or I don't know): yes « putty »
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): i don’t know
Here is the history of the system:
Dec 6 16:59:12 kernel: [Sun Dec 6 16:59:12 MET 2020] Registering account
Dec 6 16:59:17 kernel: [Sun Dec 6 16:59:17 MET 2020] Already registered
Dec 6 16:59:17 kernel: [Sun Dec 6 16:59:17 MET 2020] ACCOUNT_THUMBPRINT='REMPvW_WodaH0Ppxj3OF4irdWVV0SaCRXlo-10XUJRw'
Dec 6 16:59:17 kernel: [Sun Dec 6 16:59:17 MET 2020] Single domain='helokev.asuscomm.com'
Dec 6 16:59:18 kernel: [Sun Dec 6 16:59:18 MET 2020] Getting domain auth token for each domain
Dec 6 16:59:21 kernel: [Sun Dec 6 16:59:21 MET 2020] Create new order error. Le_OrderFinalize not found. {
Dec 6 16:59:21 kernel: "type": "urn:ietf:params:acme:error:rateLimited",
Dec 6 16:59:21 kernel: "detail": "Error creating new order :: too many certificates already issued for exact set of domains: helokev.asuscomm.com: see https://letsencrypt.org/docs/rate-limits/",
Dec 6 16:59:21 kernel: "status": 429
Dec 6 16:59:21 kernel: }
Dec 6 16:59:21 kernel: [Sun Dec 6 16:59:21 MET 2020] Please add '--debug' or '--log' to check more details.
Dec 6 16:59:21 kernel: [Sun Dec 6 16:59:21 MET 2020] See: https://github.com/Neilpang/acme.sh/wiki/How-to-debug-acme.sh
Dec 6 16:59:29 rc_service: watchdog 322:notify_rc start_cfgsync
Dec 6 16:59:59 rc_service: watchdog 322:notify_rc start_cfgsync
Dec 6 17:00:29 rc_service: watchdog 322:notify_rc start_cfgsync
Dec 6 17:00:59 rc_service: watchdog 322:notify_rc start_cfgsync
Dec 6 17:01:29 rc_service: watchdog 322:notify_rc start_cfgsync
Dec 6 17:01:59 rc_service: watchdog 322:notify_rc start_cfgsync
Whatever you're doing, you can stop doing it - it is obviously NOT working.
It is only wasting LE resources at this point.
See: crt.sh | helokev.asuscomm.com
You may need to speak with ASUS about why this is happening and how to get it to stop.