"Too Many Renewal attempts" after restarting VPS

My domain is:
I ran this command:
sudo caddy
It produced this output:

My web server is:
Caddy, 0.11.5
The operating system my web server runs on is :
Ubuntu server 16
My hosting provider, if applicable, is:
I can login to a root shell on my machine
i don’t know, i normally ssh
I’m using a control panel to manage my site
The version of my client is
caddy 0.11.5

@mholt, can you explain what could have caused this error?

https://mattiebit.space/ is being proxied by Cloudflare now, so TLS-ALPN won’t work.

Caddy also supports DNS validation with Cloudflare, so you could switch to that.


HTTP validation would probably also work, but I’m not sure if Caddy supports that.

If your site will always be proxied by Cloudflare, you could instead stop using Let’s Encrypt and start using Cloudflare’s Origin CA.

1 Like

Yeah, putting Cloudflare (“with the orange cloud” enabled) or any CDN in a similar fashion in front of your site will break the TLS-ALPN challenge, so renewals will fail with that in Caddy 0.11.5.

Caddy 0.11.5 has a known bug from an upstream dependency, go-acme/lego, which does not try the other challenge types (such as HTTP) even though they are enabled - which was introduced in a change that had like a quarter million lines updated so it went unnoticed in a review, but the bug report is still open. The latest version of Caddy (v1.0.1) works around this limitation and now the latest Caddy again has the most robust, reliable ACME challenge implementation of any server: it randomizes challenge selection among enabled challenges, and will retry if one fails. (It used to do this but that was when lego was working correctly.)

In any case, you should upgrade your Caddy version to benefit from this. Once the rate limit expires, you can get a certificate. To be absolutely correct, though, should also disable the TLS-ALPN challenge since it will not work behind Cloudflare anyway: https://caddyserver.com/docs/cli#disable-tls-alpn-challenge


Thank you, i will try with the solutions provided.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.