The server experienced an internal error :: Error finalizing order

Nice thanks for the updates

3 Likes

Thank you for all your hard work, especially on a Sunday! So much respect for fellow SysAdmins!

3 Likes

We’re in the process of restoring API services right now. Before we re-enable certificate issuance we’re going to process the orphaned certificates queue.

3 Likes

thank you for your work :heart_eyes::heart_eyes::heart_eyes:

4 Likes

I now have “Error creating new order :: too many certificates already issued for exact set of domains”. Like seriously, my backend has been down for hours and all my API services can’t be reached by my clients and I can’t ask for a certificate because I’ve tried to solve the problem.
I have deleted every certbot configuration files because I thought the problem was from my side. How can I retrieve a certificate?

3 Likes

same here --> too many certificates already issued

2 Likes

Certificates that were issued during the outage and later incorporated into the database are currently counting against rate limits. We realize that means some people will incorrectly see rate limited status even though they never got certificates during the outage. We’re discussing ways to fix, and will update when we have a conclusion.

5 Likes

Quick update: We have an implementation plan to fix the rate limit issues and working on fixing it.

5 Likes

Has the fix been implemented? For those effected should we attempt to renew ?

1 Like

Not yet. Will update here and on https://letsencrypt.status.io when it has.

As a quick fix for “too many certificate”, we grabbed the latest certificate from here, https://check-your-website.server-daten.de and then matched the certificate with correct key located at /etc/letsencrypt/ keys and updated the .conf file accordingly. It seemed to work for us. Hope it helps for any one looking to get their site running ASAP. :slight_smile:

4 Likes

Oh, that works? I've checked some domains, normally, the leaf certificate is downloaded, if Certspotter has only the pre-certificate.

But I didn't found such download links (checked a few hours earlier).

May work since Letsencrypt works again.

Good to know - thanks! :+1:

1 Like

Now tested. The domain ronanarraes.com - listet there - @Ronis_BR

With

The server experienced an internal error :: Error finalizing order

The old check (17:00, Berlin, +01):

Only Precerts, 13 created today, so the 5 identical certificates limit didn't block.

Now rechecked the domain (21:37):

Now the leaf certificates are available.

To use: Find the private key with the same time (may be one hour wrong), download the leaf certificate -> install it manual.

1 Like

We’ve now applied the fix for rate limit issues. Anyone affected by rate limits should try again now.

5 Likes

I’ve posted a preliminary incident report at 2019.11.17 Autoincrement maxed out.

3 Likes

I was able to renew my cert. I would like to thank you and your team for the communication. Not going to lie i felt sick when the rate limit became an issue. All of my services are up and running!!

4 Likes

Now all is green.

https://letsencrypt.status.io/

So it’s time to unpin this topic.

2 Likes

Thanks a lot for your hard work, guys!

4 Likes