Too many failed authorizations recently

#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=pqm.net), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: pqm.net

I ran this command: certbot-auto certonly --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d ‘pqm.net,*.pqm.net’

It produced this output:

My web server is (include version): An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

The operating system my web server runs on is (include version): Debian Jessie

My hosting provider, if applicable, is: pqm.net

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.33.1

#2

Hi,

You are currently hitting failed validation limit, which would be refreshed in 1 hours.

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems.

Please wait for 1 hour and try again.

P.S. In the meantime, you could try to issue a test certificate with Let’s Encrypt staging environment, by adding --staging flag.
certbot-auto certonly --server https://acme-staging-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns -d pqm.net -d '*.pqm.net' --staging

Thank you

#3

Hi @grandgagnon

you want to create a wildcard-certificate with two challenges:

But you need two different TXT entries with the same name and different values.

Checking your domain there is only one value visible ( https://check-your-website.server-daten.de/?q=pqm.net ):

TXT - Entries

Domainname TXT Entry Status ∑ Queries ∑ Timeout
pqm.net MS=ms94621007 ok 1 0
pqm.net v=spf1 include:spf.protection.outlook.com ip4:207.134.6.0/24 ip4:216.218.8.0/24 ip4:216.218.40.0/24 ip4:207.134.106.0/24 a:mail.pqm.net a mx -all ok 1 0
www.pqm.net ok 1 0
_acme-challenge.pqm.net XNNXncT-kYZQdTTJr66nLb0uU1crX1od1rH71GHr6l8 looks good 1 0
_acme-challenge.www.pqm.net Name Error - The domain name does not exist 1 0
_acme-challenge.pqm.net.pqm.net Name Error - The domain name does not exist 1 0
_acme-challenge.www.pqm.net.www.pqm.net Name Error - The domain name does not exist 1 0

Your command requires two different entries with the same name

_acme-challenge.pqm.net

and two different values: One is

XNNXncT-kYZQdTTJr66nLb0uU1crX1od1rH71GHr6l8

but the other is missing.

Good: You didn’t create some typical wrong entries (double domain names or _acme-challenge as value).

#4

BIG TANKS! thats works!

2 Likes
closed #5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.