Renewing an existing certificate
Performing the following challenges:
tls-sni-01 challenge for mail.sylvan.com
tls-sni-01 challenge for postfixadmin.sylvan.com
tls-sni-01 challenge for sylvan.com
tls-sni-01 challenge for webmail.sylvan.com
tls-sni-01 challenge for www.sylvan.com
tls-sni-01 challenge for spam.sylvan.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. spam.sylvan.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to v
erify the domain :: Connection refused
- The following errors were reported by the server:
Detail: Connection refused
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
Tried again a couple of more times and then I see:
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: Too many invalid
I assume I’ve hit some rate limits. How do I add the one domain to this certificate?
The --standalone method would normally start its own listener there, so perhaps there is a firewall blocking all such connections from the public, or you’re not running this command directly on the 126.96.36.199 machine?
Did you leave nginx stopped? (ports 80 and 443 are still closed)
I see an active LE cert on port 25 (but it doesn’t yet have the domain you wanted to add), so I can assume this is a mail server and maybe NOT also a webserver?
So does the nginx use ports 80 or 443?