Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
It produced this output:
./letsencrypt-auto has insecure permissions!
To learn how to fix them, visit Certbot-auto deployment best practices
/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/constant_time.py:26: CryptographyDeprecationWarning: Support for your Python version is deprecated. The next version of cryptography will remove support. Please upgrade to a 2.7.x release that supports hmac.compare_digest as soon as possible.
utils.PersistentlyDeprecated2018,
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Cert is due for renewal, auto-renewing…
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: www.talkyoo.net: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
My web server is (include version):
nginx/1.4.6
The operating system my web server runs on is (include version):
Ubuntu 14.04.2 LTS
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.35.1
The renewal of the certificate failed, than we exceeded the rate limit, is it possible to extend it?
Ok, than this seems to be a recent change:
root@proxy02:~# ls /etc/letsencrypt/archive/www.talkyoo.net/*3.pem
cert3.pem chain3.pem fullchain3.pem privkey3.pem
in the former version the file was there. And also for the wildcard it is all in the same folder…
That is not correct. keys contains a backup of each private key, but the canonical version exists as privkey.pem within archive and is linked from live.