Too many failed authorizations recently

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g., so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot-auto certonly --server --manual --preferred-challenges dns -d ‘,*’

It produced this output:

My web server is (include version): An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see

The operating system my web server runs on is (include version): Debian Jessie

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.33.1


You are currently hitting failed validation limit, which would be refreshed in 1 hours.

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems.

Please wait for 1 hour and try again.

P.S. In the meantime, you could try to issue a test certificate with Let’s Encrypt staging environment, by adding --staging flag.
certbot-auto certonly --server --manual --preferred-challenges dns -d -d '*' --staging

Thank you

Hi @grandgagnon

you want to create a wildcard-certificate with two challenges:

But you need two different TXT entries with the same name and different values.

Checking your domain there is only one value visible ( ):

TXT - Entries

Domainname TXT Entry Status ∑ Queries ∑ Timeout MS=ms94621007 ok 1 0 v=spf1 ip4: ip4: ip4: ip4: a mx -all ok 1 0 ok 1 0 XNNXncT-kYZQdTTJr66nLb0uU1crX1od1rH71GHr6l8 looks good 1 0 Name Error - The domain name does not exist 1 0 Name Error - The domain name does not exist 1 0 Name Error - The domain name does not exist 1 0

Your command requires two different entries with the same name

and two different values: One is


but the other is missing.

Good: You didn’t create some typical wrong entries (double domain names or _acme-challenge as value).

BIG TANKS! thats works!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.