When I try to renew my certificate which was only 3 months old to begin with I get:
"Your account is temporarily prevented from requesting certificates for admin.mountainhighseo.com and possibly others. Please visit: Let's Encrypt - Portal"
I have tried multiple times in multiple browsers and the link does not work! I only get a source code (like if you right click a page and click view source) that cuts off after the section and tells me nothing of worth.
My web server is (include version): Rocky 9, virtualmin
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes
Second questions, why would my account be locked after just one renewal?!
I literally just successfully setup my cert 3 months ago, how would that get flagged as a zombie account? Also, any insight into my main question of what to do with the link that is not working so I can fix my account? ty.
I can post the full link but wasn't sure if that was a security issue or not.
As @linkp noted the error you describe is because of extremely high number of failed requests.
I am puzzled because the domain you mention admin.mountainhighseo.comwas successfully validated for a cert issued Mar17 2025: crt.sh | 17193213650
I thought that should ensure that particular domain name wasn't considered a "zombie"
I am also puzzled as you said you got that cert 3 months ago. You got one on Mar17 and before that on Jan16 (and two more earlier than those for a total of 4 certs perfectly normal 60 day renewal schedule).
Is there a different cert request for just admin domain happening on a different system that keeps failing perhaps?
We haven't seen any problems with this yet so not quite sure how to proceed. But, yes, go ahead and post the full URL although put a space somewhere in the middle to avoid auto-clicks
Thank you for the help. Yes, ok I switched servers and perhaps both were trying to renew, or at least the new one was unsucessfully. That likely explains that, so how to unpause the new server... here's the link I get in the log:
I agree lol however Im not sure what that means or what to do next. Portal software would be related to the LetsEncrypt side correct? Nothing of my doing?
I see the error you get with that unpause link. I'll escalate that offline.
In the meantime, you should check the failing server to see why it would retry failures so frequently. You only get paused for an extremely high number of failures. If your ACME Client is retrying failures instantly and forever it won't help to get unpaused.
What ACME Client are you using? Is it scheduled by a timer or cron maybe every minute rather than once/twice per day?
The fact you're seeing the HTML source code: not your doing indeed. However, the fact that somehow your ACME client managed to trigger the zombie pausing feature is something else.
I corrected my DNS last night and shut off the old server. When I created this post I was still getting the errors I mention but even now my new server shows a successful certificate renewal that started on the 17th as you mentioned, so that should resolve any new attempts. Seems like my issue is fixed but I guess let me know if I need to do anything to help with whatever the link issue is in case any testing is needed I can help with from my end/server. Granted my experience is limited, lol.
The unpause link should work so I've posted that as a problem offline to LE staff.
If I understand correctly being paused is fine for that old server account. So, LE should still look at that but won't matter for your case.
If you are using the same ACME Client on your new server as your old one you should investigate why it would retry failures so rapidly to get paused. Something is not setup or coded well to handle outages / failures properly.
@theMHguy Just for reference, a fix for the problem you pointed out has been fixed. I don't know the exact rollout schedule but thanks for reporting it.