My host domain always include "-1000" string end of my domain

I try to renewal my domain.

./letsencrypt-auto certonly --renew-by-default --rsa-key-size 4096 --email example@example.com -d $DOMAIN --debug

It is seems to be success.
But /etc/letsencrypt/archive,live has unexpected folder "www.mydomain.com-1000"
Also the certification isn’t renewal to my domain.

expect) www.mydomain.com
actual) www.mydomain.com-1000

And I have any chance to try renewal with different options, coz “There were too many requests of a given type”.

Has somebody the same issue? And plz, let me know when it’s gone rateLimited error?

Could you also show us the log from your run of the client?

Can you share the output of
echo \"${DOMAIN}\"

Sorry… I can’t reproduce because of “Too many request” issue.
But, I’m sure. It looks success;

www.martmoa.com

Is it what you want???

Hello @SSaMKJ,

Take a look to this picture:

1.- 21st Dec you created a certificate for www.martmoa.com

2.- 21st Dec you created a new certificate for www.martmoa.com AND martmoa.com, so letsencrypt expanded your current cert created only for www.martmoa.com

3.- 3rd March you created a certificate only for www.martmoa.com, so letsencrypt found that the dir /etc/letsencrypt/live/www.martmoa.com/ was taken and as you shrink the original certificate (contains only www.martmoa.com and not martmoa.com) and the current certificate contained 2 domains, letsencrypt decided to not touch the current one, so it created a new dir /etc/letsencrypt/live/www.martmoa.com-1000/ to locate the new cert.

So, if you add more domains (expand) to the certificate it will preserve the current dir, if you remove domains (shrink) to the certificate a new dir will be created.

I know there is/was some open issue to catch this situation but I can’t find it right now.

Cheers,
sahsanu

1 Like

If that was the exact output from the command, yes. Just making sure there wasn’t anything else appended to the $DOMAIN var.

Thank you very much. You saved me!! and world!!

@SSaMKJ, you are welcome… I didn’t know you were the Cheerleader :astonished: :smiley:

1 Like

@sahsanu
I tried all removed every files in /etc/letsencrypt/accounts, archive, css, keys, live, renewal
and do blew
./letsencrypt-auto certonly --rsa-key-size 4096 --email dev@martmoa.com -d www.martmoa.com --debug
but failed.

Traceback (most recent call last):
File “/root/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/cli.py”, line 1993, in main
return config.func(config, plugins)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/cli.py”, line 707, in obtain_cert
_, action = _auth_from_domains(le_client, config, domains, lineage)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/cli.py”, line 475, in _auth_from_domains
lineage = le_client.obtain_and_enroll_certificate(domains)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/client.py”, line 269, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/client.py”, line 252, in obtain_certificate
return self.obtain_certificate_from_csr(domains, csr) + (key, csr)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/letsencrypt/client.py”, line 229, in obtain_certificate_from_csr
authzr)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/acme/client.py”, line 319, in request_issuance
headers={‘Accept’: content_type})
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/acme/client.py”, line 652, in post
return self._check_response(response, content_type=content_type)
File “/root/.local/share/letsencrypt/lib/python2.6/site-packages/acme/client.py”, line 568, in _check_response
raise messages.Error.from_json(jobj)
Error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new cert :: Too many certificates already issued for: martmoa.com

please help me. I have only 10 days .

Hello @SSaMKJ,

On 3rd March you issued 5 certs so try again later, today 10th March you should be able to issue 5 more certs for your domain.

Good luck,
sahsanu

@sahsanu
Thank you for your answer, but I don't understand. Please tell me more specific.

let me know the specific day.

@SSaMKJ,

Let’s Encrypt has a rate limit (5 certs per 7 days), you have issued 5 certs in last 7 days, indeed you issued all of them on 3rd March:

DOMAIN (CN)       VALID FROM             VALID TO
www.martmoa.com   2016-Mar-03 03:55 UTC  2016-Jun-01 03:55 UTC
dev.martmoa.com   2016-Mar-03 03:50 UTC  2016-Jun-01 03:50 UTC
www.martmoa.com   2016-Mar-03 03:52 UTC  2016-Jun-01 03:52 UTC
www.martmoa.com   2016-Mar-03 03:46 UTC  2016-Jun-01 03:46 UTC
dev.martmoa.com   2016-Mar-03 03:39 UTC  2016-Jun-01 03:39 UTC

So you need to wait 7 days from the first certificate issued that in your case was this:

dev.martmoa.com 2016-Mar-03 03:39 UTC 2016-Jun-01 03:39 UTC

If you add 7 days + 1 minute to this certificate 2016-Mar-03 03:39 UTC + 7 days + 1 minute you get 2016-Mar-10 03:40 UTC which means that right now 2016-Mar-10 06:14 UTC you should be able to issue 5 more certs. That is the theory, if you tried to issue your certificate after 2016-Mar-10 03:40 UTC and you couldn’t then you need to wait just a few hours to be able to issue more certs or try again tomorrow just to be sure.

Cheers,
sahsanu

@sahsanu
Dear my super hero.
It’s working. Thank you very much.
You saved universe.:heart_eyes:

1 Like