Hi all,
3 months ago I’ve configured on my servers the certbot. Everything when OK to create the certificates, but at that moment I’ve used the standalone option to do the certificate verification.
But I didn’t notice that this is not working properly if Apache is running and is using 80 and 443 ports (obvious) when the certbot is trying to renew the certificates.
I’ve notice this first on a small server where I have a subdomain with SSL. Correcting the setup and using the apache plugin it worked to renew the certificate.
My problem now is that on my web server where I’m hosting some domains I can’t renew the certificate. I’m getting this issue:
ttempting to renew cert from /etc/letsencrypt/renewal/casutadinlunca.ro.conf produced an unexpected error: urn:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new authz :: too many currently pending authorizations. Skipping.
I’ve started to read about the rate limits … but now is too late do avoid this issue. All sites where configured with standalone option and I think this lead to this issue: certbot tried to do verification of the domains but it couldn’t bind on port 443 because of Apache. I’ve changed all files to use apache plugin like this:
/etc/letsencrypt/renewal/casutadinlunca.ro.conf
renew_before_expiry = 30 days
version = 0.11.1
…
Options used in the renewal process
[renewalparams]
authenticator = apache
installer = None
account = XXXX
Instead authenticator = standalone.
I’ve checked yesterday after I’ve did the change, I’ve tried today also and I’m receiving the same error.
The certificates will expire tomorrow afternoon.
What I can do?
Kind regards,
Adrian