While trying to set up a certificate for use with a Synology DiskStation, I ran into problems forwarding port 80 to the DiskStation. After four failed attempts, Let's Encrypt has slapped my hand and said "Maximal certificate requests reached for this domain." The domain is freret.org.
For future reference: testing and debugging are best done using the Staging Environment and to assist with debugging there is a great place to start is Let's Debug.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
The only open Port is 53 using nmap from my IPv4 location.
$ nmap -Pn mail.freret.org
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2023-02-09 11:46 PST
Nmap scan report for mail.freret.org (107.128.99.89)
Host is up (0.051s latency).
Not shown: 848 closed ports, 151 filtered ports
PORT STATE SERVICE
53/tcp open domain
Nmap done: 1 IP address (1 host up) scanned in 84.94 seconds
Hi Bruce,
"The only open Port is 53 using nmap from my IPv4 location."
I think you overlooked port 25, SMTP.
My instant challenge is convincing my Linux firewall to map incoming port 80 to an in-house Synology DiskStation. Due to some impending travel, I will have to put this effort on hold.
This is what nmap shows from my Comcast Xfinity IPv4 only location in the Portland Metro Area (Oregon).
$ nmap -Pn mail.freret.org
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2023-02-09 12:17 PST
Nmap scan report for mail.freret.org (107.128.99.89)
Host is up (0.051s latency).
Not shown: 848 closed ports, 151 filtered ports
PORT STATE SERVICE
53/tcp open domain
Nmap done: 1 IP address (1 host up) scanned in 69.07 seconds
107.128.99.89 is in California, between San Francisco and San Jose. As your TCP Port Scanner, Online Port Scan, Port Scanning | IPVoid scan showed, there are two open ports: 25 and 53.