Problem with renewing multiple domains using simp_le


#1

My domain is: Multiple domains (one example: http://www.simonsangelholm.se/)

I ran this command: for file in /var/certs/; do (
currdate=$(date +"%d/%m-%y %T");
atrecord=$(dig +short @8.8.8.8 ${file##
/});
if [[ $atrecord =~ “IP1” ]] || [[ $atrecord =~ “IP2” ]]
then
wwwrecord=$(dig +short @8.8.8.8 www.${file##/});
if [[ $wwwrecord =~ “IP1” ]] || [[ $wwwrecord =~ “IP2” ]]
then
cd /var/certs/${file##
/}
simp_le
–email EMAIL
–tos_sha256 SHAKEY
–default_root /var/www/webrootauth
–server https://acme-v01.api.letsencrypt.org/directory
-f key.pem -f fullchain.pem -f account_key.json -d ${file##/} -d www.${file##/} > /var/bmss/certlog.txt
if [[ $? == 0 ]]
then
echo "$currdate: created certs for ${file##/}"
fi
if [[ $? == 2 ]]
then
echo "$currdate: error creating certs for ${file##
/}"
fi
fi
fi
) done

/bin/systemctl reload nginx.service
/bin/systemctl status nginx.service

It produced this output: some outputs are: 2018-03-13 17:28:27,178:INFO:simp_le:1383: Certificates already exist and renewal is not necessary, exiting with status code 1. <-- These output works. But some outputs are:
2018-03-13 17:27:24,960:INFO:simp_le:1211: Generating new account key
2018-03-13 17:27:27,424:INFO:requests.packages.urllib3.connectionpool:758: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2018-03-13 17:27:27,717:INFO:requests.packages.urllib3.connectionpool:758: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2018-03-13 17:27:28,056:INFO:requests.packages.urllib3.connectionpool:758: Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
ACME server returned an error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new registration :: too many registrations for this IP: see https://letsencrypt.org/docs/rate-limits/
Probably those sites that can’t be renewed.

My web server is (include version): CentOS Linux 7 (Core) with Nginx

I checked the rate limit link (https://letsencrypt.org/docs/rate-limits/) to see if that’s the problem, and last update is yesterday, but I don’t know what have changed on rate limit that could cause this problem. I’ve lost more than 30-40 certs today and yesterday so I have no idea if it’s because of the changed rate limits or if it’s something else.

Thanks for taking your time to read this!


#2

Hi @SantinoPetrovic,

Does simp_le not persist account registrations? It appears that you’re creating a new account for each certificate request, which is the reason for hitting the rate limit here.


#3

Hi schoen, thanks for the reply!

This is pretty weird for me, because this script has been there for over a year without any problems until yesterday. Is there something new that have changed in Let’s Encrypt that could create this problem?


#4

Do you share your infrastructure with someone else, like a shared hosting server?


#5

Hi again,

It looks like it was a older client I’ve used (https://github.com/kuba/simp_le)

I got help with setting up a newer one (https://github.com/zenhack/simp_le) and it looks like it’s getting better.

Thanks for the help though!


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.