SSLforfree.com throwing error trying to get DNS Verification text records

#1

SSLforfree,con suddenly doesn’t show DNS verification info as usual when creating a new CERT.

Here is the error I reported recently via email as well:

Using SSLforfree.com, I can no longer create a new CERT using Manual Verification (DNS) as when I click on that option then click Manually Verify Domain, I get an error below (instead of the ACME… txt records) I usually see:

“Error please try regenerating your account by using the link near the top of the page. If that does not work then please contact us for a fix:”

Well, I guess I’m contacting you for a fix…

FYI: I did also use that link suggested (Regenerate Account) but the problem just recurs. (Please note I’ve used this process a hundred times before, but today it just isn’t working, and I have expired CERTS that I need to replace NOW!)

Please help!!!
-Dan L.

Here is your requested/required info filled-out…

My domain is: skywardthought.com

I ran this command: (See above - trying to create new cert via SSLforfree - done it many times, so it’s nor me… I’m getting an error performing a VERY basic function on the site.)

It produced this output: (See my explaination above.)

My web server is (include version): (n/a - getting error from your site way early in the process)

The operating system my web server runs on is (include version): (n/a - see above.)

My hosting provider, if applicable, is: (n/a - see above.)

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): Yes/cPanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): n/a

1 Like
#2

Hi @DanLJr

that’s an error message of SSLforfree, so you have to contact that platform.

SSLforfree uses Letsencrypt, but that’s a problem there.

PS:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

If you have root access: Why don’t you use your own client?

Check

#3

Appreciated. This isn’t the only domain I need to renew certs for, however, and not all are on servers with Root access. I’ve been using SSLforfree.com to renew for years, but suddenly today I can’t do ANYTHING there to renew, as all methods are failing.

I’ve notified them as well via email, but this is the only support forum I found, so…

-Dan

#4

Hmmm… zerossl.com failed as well. Is there something more “global” going on here with LetsEncrypt? All of a sudden, today, things that were working just fine before on various services (all related to LetsEncrypt) are simply not working anymore. What gives?

#5

it looks like you are useing cpanel hosting. doesn’t Cpanel has option for free cert generation?

#6

I’m not sure what you mean? I still have to use a certificate authority. I mean, I have a private/garbage cert on cPanel that works for, well, internal users, but to get the Green Lock on the public site, I need to do it through some authority.

I’d hate to have to start buying certs because sudden;y all of the tools I’ve been using for years to keep LetsEncrypt certs running are just failing.

I don’t have time to fight with it. I will just go elsewhere for my certs…

-Dan

#7

Same problem here. I’ll keep following replies to this thread for a fix.

#8

If you use cPanel, you should check if your hoster has Letsencrypt support enabled.

Then use that integrated solution.

It’s a Sslforfree-problem. Not a Letsencrypt-problem.

#9

None of my hosts do. I’ve always just updated manually through SSLforfree or other similar services. Now, suddenly, none of those services seem to be able to even begin the process of creating/renewing a cert. They can’t provide me with ACME info, and they are throwing errors, including things like 'Too many attempts…" and such…it’s almost like there is a general issue with LetsEncrypt and their providers since EVERYONE I’ve tried are all having problems at the same time. That DOES NOT sound like an individual provider issue, rather a systemic problem. Can’t say for sure. I don’t know. I just know I have sites down because I can’t renew my CERT. About to just go get commercial/paid certs and be done with it. This crap ain’t worth the headaches anymore…

#10

I just tried and succeeded to get a cert from zerossl.com with dns vaildation with wildcard, but I provide own csr and account key.

#11

That’s terrible.

One main idea of Letsencrypt is automation. So a website like Sslforfree may be used one or two times with test domains. But not permanent with productive domains.

It’s simple - it’s the wrong setting.

Read

Some in-browser ACME clients are available, but we do not list them here because they encourage a manual renewal workflow that results in a poor user experience and increases the risk of missed renewals.

PS: If you want to use certificates, change your hoster or upgrade your configuration.

#12

cPanel has a feature called AutoSSL which can be enabled by a hosting provider and which allows cPanel to automatically obtain publicly-trusted certificates, either from a cPanel CA or from Let’s Encrypt. If you don’t have access to this feature in your cPanel instance, you could ask your hosting provider about it. A great advantage to this is that it automates the certificate renewal.

#13

Failed how exactly? As @orangepizza mentioned, it worked for him just fine. Could you elaborate on which step what sort of error you have observed? Don’t forget that with web-clients your browser connectivity issues may also affect your experience, since your browser directly “talks” to Let’s Encrypt API endpoints.

#14

No AutoSSL, no specific LetsEncrypt support in some cases, so replying solely on manual renewals for some sites is necessary; I don’t control all of the factors for everything situation for which I’m trying to so something. I automate when that’s an option, but it’s not always an option (as it’s not necessarily in my power to make the change.)

#15

I also provided a CSR, so same method, but the error was something like: “Too many connections from this client.” (Error reported on zerossl.com during the process.)

I haven’t tried again at zerossl.com, but SSLforfree.com still can’t seem to process any requests for new certs no matter the method used. I’ll try zerossl.com once more and let you know if I have any better results this time around,.

#16

True. It is terrible. But I don’t control all of the factors involved in all of these situations. I’m just trying to repeat a process that’s worked dozens of times in the past, and on some of the servers I simply do not have the rights to setup automation. I do, however, in all cases, have the ability to generate a CSR, run it on a service (that USUALLY WORKS PERFECTLY FINE) and get a CERT to paste into cPanel. The process takes about two minutes - because I’ve done it dozens of times - and solves all of my issues for several domains that can’t take any automation.

Anyhow, going to check again on zerssl.com and see if they are working… (Other user reported that zerossl.com WAS working properly. I can confirm that sslforfree.com is still not.)

#17

UPDATE: zerossl.com did indeed work for me just a bit ago. (Earlier today, I was seeing the errors about two many connections from one client at zerossl.com - maybe because all of the sslforfree.com users were trying it there??? - but now it is fine.) Clearly, this was uniquely an sslforfree.com issue, not a LetsEncrypt issue. (But I was just not sure in the beginning, since I was having issues with multiple client websites trying to create a cert.) All good now, and I’m moving forward using zerossl.com successfully where I was normally using sslforfree.com in the past.

Thanks, everybody!
-Dan

#18

Same problem here also.

#19

Just went to renew our certificates, tested in Chrome and Firefox. Same error for multiple domains when manually trying to verify (DNS)

Error please try regenerating your account by using the link near the top of the page. If that does not work then please contact us for a fix:

#20

Same problem here. Nothing actually works but it used to work well in the past. Certificate expiring soon. Any viable alternatives? zerossl.com having problems as well.