Maximal certificate request reached for this domain name

treawlony · January 11, 2021, 1:50pm

Hi, as per the title, I'm unable to obtain a certificate for my domain.
Below details:

My domain is: carlogar.it

I ran this command: Synology automatic certificate registration

It produced this output: error: "maximal certificate request reached for this domain name". (Note: I waited 2 hours and result is the same)

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is: register.it

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): yes, DSM 6.2.3-25426 Update 3

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Thanks

rg305 · January 11, 2021, 3:05pm

Hi and welcome to the LE community forum

There was one certificate issued about a week ago, and one today, so I don't understand why it shows that message.
See: crt.sh | carlogar.it

But, in any case, it should be able to use that cert. Unless, that is not the name used by the Synology...

treawlony · January 11, 2021, 4:20pm

Hi, thanks for the welcoming and the support
I can unsderstand the one from one week ago, I tried to set it up with Register.it but I was not able to setup for the subdomain, so since the ISP subdomains redirect to a DDNS that redirect to my NAS and it's the NAS cert that gets displayed, I decided to move the certs down to the Synology.

But I do not understand the one today where comes from? I was getting another error before, I guess because I not had port 80 open, then I opened it and getting this error...

Do you then suggest to just wait or something else? How long should I wait? I read 1 hour but apparently that's not enought?

Thanks

EDIT:
Ok, that's weird. Now I tried again and instead I got the error "Failed to connect to Let's Encrypt. Please make sure the domain name is valid".
I'll wait for further comment before spamming the "apply" button

treawlony · January 11, 2021, 5:04pm

MMMkey... I think I found a working way... Can someone confirm my setup?

Instead request the certificate for the domain and adding the single alternative names, I've requested one single certificate for each subdomain? xxx.carlogar.it, xx1.carlogar.it. etc.
Looks like this is working properly, however I'm not a cert expert. Is this solution suitable?
Any long term issues?

Thanks for the support
Carlo

rg305 · January 11, 2021, 5:50pm

You might be able to create certificates that way.
But how will you use them?

treawlony · January 11, 2021, 7:12pm

Mainly to connect to the apps behind the proxy without having to remember ip and ports?

rg305 · January 11, 2021, 7:59pm

Sounds like you want to use the NAS as a reverse proxy and you want to give each internal system a unique Internet name.
That should be possible.
But I'm not familiar with that exact error message, so I can't help much with that.
Perhaps the Synology site has more information about it.

treawlony · January 11, 2021, 8:48pm

Actually when I was putting the domain i was getting the error, but putting the FQDN instead it worked like a charm? So now I have multiple certificates, one for each FQDN

system · February 10, 2021, 8:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.