Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: bogongsound.com.au
I ran this command: sudo certbot --apache
It produced this output: Some challenges have failed
My web server is (include version): GNU/Linux 5.4.0-73-generic x86_64
The operating system my web server runs on is (include version): Ubuntu 20.04.2 LTS
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 2.5.0
Hey all,
I just updated the path to my site and went to reissue/update my certificate and now cannot. I keep getting Some challenges have failed and now a few other certificates are breaking also. I see there is service disruption to acme-v02.api.letsencrypt.org and looking at the log it appears this might be what is breaking everything. Would this be the case?
No, I don't think so. The errors for the disruption are different and I see odd behavior from your website. Looks more like an unlucky coincidence.
For example, requests to bogongsound.com.au return a cert for boleskine.philip-samartzis.com. That shouldn't be and is not related to Let's Encrypt. See this SSL Checker for example
EDIT: Well, James would know better but your site is still behaving poorly
Hey, that is the one site on the server that still has a working certificate. I’m going with James’ response as I also figured that considering the api endpoint that is issuing the certificates is down, its highly likely that this error would be thrown
It is now. It wasn't when I checked. That's how I knew your other domain name.
I saw the wrong cert using an openssl command to your domain from my own test server. The SSL Checker site I linked uses a similar method. Nothing to do with Let's Encrypt - just a routine request to your domain.
But, yes, as James said your cert request was failing due to the outage that's pretty clear for that failure.
@JamesLE Thanks so much for resolving this quickly. As luck would have it I tried to renew via my Synology DS during the service disruption and it failed repeatedly with "The certificate issuer is unable to validate this domain name. Please make sure the domain name is valid." Confirmed all pieces in place here (port 80 passing through), finally restarted router and DS, then got locked out with "Maximal certificate requests reached for this domain name." Finally found your status report of service disruption and the light bulb went on. All good now...
