The number of certificates issued by Let's Encrypt for your domain name has reached its limit

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: casawongo.com

I ran this command: I used the Asustor Certificate Manager with auto renewal

It produced this output: The number of certificates issued by Let's Encrypt for your domain name has reached its limit. (Ref. 5019). I checked crt.sh and it's been issued less than 10 times, which is below any limit I could see. Should I remove the certificate and start over?

My web server is (include version): Asustor NAS

The operating system my web server runs on is (include version): Asustor ADM 4.0.5.RWM1

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

It means you got a fresh certificate and stashed it away five times in the last 7 days and keep ordering a new plate. Where are all those certificates? And what file does the web server use for the certificate?

5 Likes

Yet of the issued certificates listed here crt.sh | casawongo.com the latest one is on 2022-10-04.

2 Likes

Really?

5 Likes

Surprisingly, crt.sh agrees on that.

5 Likes

Wait, this is not the duplicate certificate limit but the 50/week per registered domain limit. But I don't see much on the crt.sh search.
Weird, @lestaff: rate limited on the registered domain but not showing up on crt.sh.

6 Likes

@casawongo can you double check the actual domain name on the NAS?
Did it somehow use the manufacturer's default name?

3 Likes

This is likely to be the problem. I see only a few issuance attempts for the domain provided, and they are not being rate limited.

8 Likes

The domain name on the NAS is registered correctly. You can reach it here: https://casawongo.com

This is my configuration for the NAS to auto-renew the domain certificate. I don't see anything obvious that could cause this issue.

This is the error message I get after I clicked on the Update Certificate... is this a Let's Encrypt message or is it from my NAS?

The error message seems incorrect.
It's definitely NOT the first thing that comes to mind.
I believe it is simply that your renewal attempt has failed five times within the last hour and you must wait a bit before trying again.
But I would advise NOT to keep trying something that is clearly NOT working.
You should focus on WHY it keeps failing.
To that end, I see that HTTP is being blocked [at least from my IP].
And Let's Debug shows a similar block:
Let's Debug (letsdebug.net)

7 Likes

Adding on to Rudy's comment, your port 80 is closed. I can reach your domain just fine with HTTPS but an HTTP Challenge needs to use port 80.

nmap -p80,443 casawongo.com
rDNS record for 97.108.136.83: cpe005f67a457ad-cm84948c54ba60.cpe.net.fido.ca
PORT     STATE  SERVICE
80/tcp   closed http
443/tcp  open   https

And, your error message is from your NAS. There are Let's Encrypt rate limits but we don't see you are hitting any. Unless it is a poorly worded error message about too many failures. See rate limit docs:

6 Likes
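To tell a genuine issuance limit from a "too many failures" lockout, as the replies above do by hand, this added example (not code from any poster or from Let's Encrypt) counts constructed issuance and failure events against the three windows quoted in this thread. The event format, `limits_hit`, the two-label `registered_domain` shortcut and the hostname `nas.example.com` are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Figures as quoted by posters in this thread, not read from current Let's Encrypt docs.
LIMITS = {
    "duplicate_certificate": (5, timedelta(days=7)),
    "certs_per_registered_domain": (50, timedelta(days=7)),
    "failed_validations": (5, timedelta(hours=1)),
}


def registered_domain(host):
    # Simplification (assumption): last two labels. Real clients use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def limits_hit(events, names, now):
    """Return the limits a new order for `names` would run into at time `now`.

    events: iterable of (timestamp, outcome, hostnames), outcome "issued" or "failed".
    """
    wanted = frozenset(n.lower() for n in names)
    domains = {registered_domain(n) for n in wanted}
    counts = dict.fromkeys(LIMITS, 0)
    for when, outcome, hosts in events:
        hosts = frozenset(h.lower() for h in hosts)
        age = now - when
        if age < timedelta(0):
            continue  # ignore events dated after `now`
        if outcome == "issued":
            # Same exact name set: counts toward the duplicate certificate window.
            if hosts == wanted and age < LIMITS["duplicate_certificate"][1]:
                counts["duplicate_certificate"] += 1
            # Any name under the same registered domain counts toward the weekly cap.
            same_domain = domains & {registered_domain(h) for h in hosts}
            if same_domain and age < LIMITS["certs_per_registered_domain"][1]:
                counts["certs_per_registered_domain"] += 1
        elif outcome == "failed":
            if hosts & wanted and age < LIMITS["failed_validations"][1]:
                counts["failed_validations"] += 1
    return [name for name, (cap, _) in LIMITS.items() if counts[name] >= cap]


# Constructed sample: one old issuance, then five failed HTTP-01 attempts in 40 minutes.
NOW = datetime(2022, 12, 1, 12, 0)
NAMES = ["nas.example.com"]
SAMPLE = [(NOW - timedelta(days=58), "issued", NAMES)] + [
    (NOW - timedelta(minutes=8 * i), "failed", NAMES) for i in range(1, 6)
]

if __name__ == "__main__":
    print(limits_hit(SAMPLE, NAMES, NOW))
    print(limits_hit(SAMPLE, NAMES, NOW + timedelta(hours=2)))
```

With the sample data only the failure window is exceeded, and it clears once the failed attempts age out, which matches the situation where crt.sh shows few issued certificates but renewals are still refused.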

Has your ISP started blocking port 80?
OR
Have you changed the firewall/access rules (OR port 80 NAT) since your last renewal?

6 Likes

Hi, I have waited for more than an hour to try the renewal and I didn't do it more than 5 times (unless the NAS is doing it repeatedly, but I checked the logs and it doesn't appear to be the case).

If port 80 remains closed, all the tries will keep failing.

4 Likes

I recently disabled port 80, but the failure happened before I blocked port 80. So I don't think that's the reason. Also, port 80 is not blocked outbound from my firewall, so the NAS can connect to the Let's Encrypt website on 80 & 443. But inbound to my NAS is blocked on port 80.

For domain validation, inbound connections are used. So please don't block inbound port 80.

6 Likes

Hi, I have enabled port 80 on my webserver. But it still failed.

I have not tried removing the configuration from my NAS and retrying it... but I'm not sure if that will make any difference.

It's worth a try. The error message is not helpful. Asus is not passing along the exact message from Let's Encrypt so we're not sure what it is responding to. And, it might even be something internal to the NAS admin that is causing it. You could look in the detailed NAS logs but I doubt you'll find anything useful.

I searched the Asus forums and found one identical complaint (link here)

The work-around in that case was to get a new domain name. So, maybe your idea will work too.

5 Likes

Ok, I deleted the old certificate and recreated it and it seems to work. Thank you, everyone!

2 Likes