Maximal certificate request reached for this domain name

Help
1

Hi, as per the title, I'm unable to obtain a certificate for my domain.
Below details:

My domain is: carlogar.it

I ran this command: Synology automatic certificate registration

It produced this output: error: "maximal certificate request reached for this domain name". (Note: I waited 2 hours and result is the same)

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: register.it

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes, DSM 6.2.3-25426 Update 3

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thanks

2

Hi and welcome to the LE community forum :slight_smile:

There was one certificate issued about a week ago, and one today, so I don't understand why it shows that message.
See: crt.sh | carlogar.it

But, in any case, it should be able to use that cert. Unless, that is not the name used by the Synology...

3

Hi, thanks for the welcoming and the support :slight_smile:
I can unsderstand the one from one week ago, I tried to set it up with Register.it but I was not able to setup for the subdomain, so since the ISP subdomains redirect to a DDNS that redirect to my NAS and it's the NAS cert that gets displayed, I decided to move the certs down to the Synology.

But I do not understand the one today where comes from? I was getting another error before, I guess because I not had port 80 open, then I opened it and getting this error...

Do you then suggest to just wait or something else? How long should I wait? I read 1 hour but apparently that's not enought?

Thanks

EDIT:
Ok, that's weird. Now I tried again and instead I got the error "Failed to connect to Let's Encrypt. Please make sure the domain name is valid".
I'll wait for further comment before spamming the "apply" button :smiley:

1 Like
4

MMMkey... I think I found a working way... Can someone confirm my setup?

Instead request the certificate for the domain and adding the single alternative names, I've requested one single certificate for each subdomain? xxx.carlogar.it, xx1.carlogar.it. etc.
Looks like this is working properly, however I'm not a cert expert. Is this solution suitable?
Any long term issues?

Thanks for the support
Carlo

5

You might be able to create certificates that way.
But how will you use them?

6

Mainly to connect to the apps behind the proxy without having to remember ip and ports?

7

Sounds like you want to use the NAS as a reverse proxy and you want to give each internal system a unique Internet name.
That should be possible.
But I'm not familiar with that exact error message, so I can't help much with that.
Perhaps the Synology site has more information about it.

8

Actually when I was putting the domain i was getting the error, but putting the FQDN instead it worked like a charm? So now I have multiple certificates, one for each FQDN

9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.