Problems Renew certificate letsencrypt

Good morning dear,

Requested for your support, my certificate is going to meet 90 days and I have problems with the renewal, I get the following error

There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

They could support me indicating some solution.

Hi @Edson

please answer the following questions. That’s the standard template of #help


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

PS: Your older topic:

If it’s the same domain, do the same.

There is a non-standard port used, so you have to do additional steps, so that this non-standard-port uses the certificate.

confirming, it’s the same domain, only now I got the error mentioned above

if I have shell access

domain is speedtest.redeshibridas.com.gt

confirming, it’s the same domain, only now I got the error mentioned above

if I have shell access

domain is speedtest.redeshibridas.com.gt

Challenge failed for domain speedtest.redeshibridas.com.gt
Attempting to renew cert (speedtest.redeshibridas.com.gt) from /etc/letsencrypt/renewal/speedtest.redeshibridas.com.gt.conf produced an unexpected error: Some challenges have failed… Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/speedtest.redeshibridas.com.gt/fullchain.pem (failure)

That’s a completely unspecific error. That means only: Too much failed orders.

The command, the config file and the detailed output is required.

To understand, why an order doesn’t work.

Checking your configuration https://check-your-website.server-daten.de/?q=speedtest.redeshibridas.com.gt

That’s buggy.

Your http sends SSL-content:

Domainname Http-Status redirect Sec. G
http://speedtest.redeshibridas.com.gt/
138.94.253.6 400 0.356 M
Bad Request
https://speedtest.redeshibridas.com.gt/
138.94.253.6 -4 0.800 W
SendFailure - The underlying connection was closed: An unexpected error occurred on a send. The handshake failed due to an unexpected packet format.
https://speedtest.redeshibridas.com.gt:80/
138.94.253.6 200 2.166 Q
http://speedtest.redeshibridas.com.gt/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
138.94.253.6 400 0.380 M
Bad Request
Visible Content: Bad Request Your browser sent a request that this server could not understand. Reason: You’re speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please. Apache/2.4.18 (Ubuntu) Server at speedtest.redeshibridas.com.gt Port 443

And your https sends http content.

Is there a wrong (inverted) port forwarding? Or is the webserver configuration wrong?

mi problema es el rate limit

al correr sudo certbot renew --dry-run

me da el siguiente error

No, the failed challenges error isn’t a real problem. Wait one hour, then that rate limit is gone.

If your port 80 sends SSL content, that’s the reason your challenge fails. That can’t work.

PS: And there you see the same error: Bad request - http status 400.

I wait an hour, after that I go back to the command sudo certbot renew --dry-run

and will work the renewal of my certificate in the domain speedtest.redeshibridas.com.gt?

You have already waitet one hour. Your error says: Bad Request - http status 400. Same as https://check-your-website.server-daten.de/?q=speedtest.redeshibridas.com.gt checking http + /.well-known/acme-challenge/random-filename

after waiting 1 hour

try the command sudo certbot renew --dry-run and even gave me the same error,

what can I do to solve it I want to renew my certificate that expires on June 9

That’s not the same error, that’s a - better - http status 404 - Not Found.

There is a new check of your domain - https://check-your-website.server-daten.de/?q=speedtest.redeshibridas.com.gt

Now the main configuration is ok:

Domainname Http-Status redirect Sec. G
http://speedtest.redeshibridas.com.gt/
138.94.253.6 200 0.370 H
https://speedtest.redeshibridas.com.gt/
138.94.253.6 200 1.814 B
http://speedtest.redeshibridas.com.gt/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
138.94.253.6 404 0.457 A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.4.18 (Ubuntu) Server at speedtest.redeshibridas.com.gt Port 80

So find your webroot / DocumentRoot and use it:

certbot run -a webroot -i apache -w yourDocumentRoot -d speedtest.redeshibridas.com.gt

yourdocumentroot would be what you put in the following script?

he gave me the error attached

The document root is defined in your vHost configuration. Not the path of the Certbot renew files.

I still get the error of rate-limit

If you use try and error, that can’t work.

Check your port 80 vHost, there should be the DocumentRoot defined. If not, define one.

Then check that: Create the two subdirectories

yourWebRoot/.well-known/acme-challenge

there a file (file name 1234), then try to load that file via

http://speedtest.redeshibridas.com.gt/.well-known/acme-challenge/1234

If that works, you have found your correct webroot.

the next configuration is the one I’m using in v80


I do not know if it’s okay

when checking my certificate

speedtest.redeshibridas.com.gt

I have no problem

when checking my certificate

speedtest.redeshibridas.com.gt:8080

I get the following error, because it will be the problem