SSL certificate is not being generated for one domain


#1

Hello, i have issue with generate Let’s Encrypt certificate only for one domain. Error:

Getting challenge for kaveiktivakarais.lt from acme-server…
Waiting for domain verification…
Challenge is valid.
Getting challenge for www.kaveiktivakarais.lt from acme-server…
Waiting for domain verification…
Challenge is valid.
Generating 4096 bit RSA key for kaveiktivakarais.lt…
openssl genrsa 4096 > "/usr/local/directadmin/data/users/karais/domains/kaveiktivakarais.lt.key.new"
Generating RSA private key, 4096 bit long modulus
…++
…++
e is 65537 (0x10001)
Size of certificate response is smaller than 500 characters, it means something went wrong. Printing response….

This is shared hosting VPS with DirectAdmin. I have checked logs and there is 5 unsucessful requests (last night) for generate certificate. There is some request limits for domain? And its possible to remove/increase limits? My server have about 125 users.

Thanks.


#2

Is that the full log?

Can you show the response:

It also looks like 5 certificates have already been successfully issued in the past 2 days for the domain:

https://crt.sh/?q=kaveiktivakarais.lt

So, you will have hit the following rate limit:

We also have a Duplicate Certificate limit of 5 certificates per week. A certificate is considered a duplicate of an earlier certificate if they contain the exact same set of hostnames, ignoring capitalization and ordering of hostnames

Perhaps you should investigate why the successfully issued certificates have not been installed to the server.


#3

Thank you for response.

Yes, this is full error message and i don’t have eany response info (this is a problem). Ok i check this issue from server side


#4

I have checked all server configuration and logs, but there is no information, which parameter is stuck and no response info fro error. For example i have been sent request from other domain overlingaite.lt in the same server and user and certificate has been successfully installed.


#5

Without logs or knowing how DirectAdmin implements things, it’s hard to know why it would fail to install a certificate. Since the certificates actually got issued, I would guess that points to configuration issues with the virtualhost itself rather than with the certificate (at least, that’s usually the case with e.g. cPanel).

To get more informed help you may need to wait out the rate limit window (7 days) and then get in get in contact with DirectAdmin support, since it is their third-party integration that needs to be looked at.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.