SSL install and validation

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: lsrlawyer.com

My web server is (include version): Nginx

My hosting provider, if applicable, is: getflywheel.com

I can login to a root shell on my machine (yes or no, or I don’t know): no

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

I was installing SSL cert through a dashboard and I attempted to validate it too many times before the domain had fully resolved. Support has informed me that LetsEncrypt has banned my IP for 2 weeks due to too many attempts. In reading through the forum, it seems like the ban may not actually last that long. Is there a way to monitor this to find out when the ip ban would be lifted?

Hi @aprilIMS

there are some wrong informations. Read

Normal max. limit is one week.

But checking your domain there is no new certificate ( https://check-your-website.server-daten.de/?q=lsrlawyer.com#ct-logs ):

Issuer not before not after Domain names LE-Duplicate next LE
CloudFlare Inc ECC CA-2 2019-07-21 2020-07-20 blog.lsrlawyer.com - 1 entries
CloudFlare Inc RSA CA-1 2019-07-21 2020-07-20 blog.lsrlawyer.com - 1 entries
Let’s Encrypt Authority X3 2019-07-07 2019-10-05 cpanel.lsrlawyer.com, lsrlawyer.com, mail.lsrlawyer.com, webdisk.lsrlawyer.com, webmail.lsrlawyer.com, www.lsrlawyer.com - 6 entries
CloudFlare Inc RSA CA-1 2018-08-21 2019-08-21 blog.lsrlawyer.com - 1 entries
CloudFlare Inc ECC CA-2 2018-08-21 2019-08-21 blog.lsrlawyer.com - 1 entries

Last Letsencrypt certificate is from 2019-07-07.

So you may have hitted the

There is a Failed Validation limit of 5 failures per account, per hostname, per hour.

limit. But this is the most unrelevant limit - wait one hour.

Checking your domain /.well-known/acme-challenge/random-filename is redirected to another domain:

Domainname Http-Status redirect Sec. G
http://lsrlawyer.com/
68.183.144.200 301 http://www.lsrlawyer.com/ 0.207 D
http://www.lsrlawyer.com/
68.183.144.200 200 1.733 H
https://lsrlawyer.com/
68.183.144.200 479 3.907 N
Certificate error: RemoteCertificateNameMismatch
https://www.lsrlawyer.com/
68.183.144.200 479 4.070 N
Certificate error: RemoteCertificateNameMismatch
http://lsrlawyer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
68.183.144.200 301 http://www.lsrlawyer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.600 D
Visible Content: 301 Moved Permanently nginx
http://www.lsrlawyer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
68.183.144.200 301 http://acme.certmanager.io/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.207 D
Visible Content: 301 Moved Permanently nginx
http://acme.certmanager.io/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 404 0.287 A
Not Found

acme.certmanager.io - looks like this is a domain of your provider to manage Letsencrypt certificate validation.

So wait one hour, then try it again.

I appreciate you and your response. Thanks.

1 Like