Too many requests of a given type - how do you reset this?

hubceo · October 13, 2017, 9:46pm

Hello - Thank you in advance

We are trying to update a cert that was already installed in our digital ocean Ubuntu 14.04.
Our tech was unsuccessful - unsure of how many attempts he made.

I originally did the install, so I made the next attempt and am getting this:
<>><<>
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: too many currently pending authorizations
<>><<>
Is there a way to reset this?

Domain is blueguru.com
We are running the instructions found here:
https://www.digitalocean.com/community/tutorials/how-to-secure-apache-with-let-s-encrypt-on-ubuntu-14-04

Thank you again

sahsanu · October 13, 2017, 10:30pm

Hi @hubceo,

First of all, you need to know what is going on with your renew process because it is not normal to reach this limit.

Anyway, you could try to invalidate pending authzs using a tool created by @ahaw021 https://github.com/ahaw021/LE_FIND_PENDING_AUTHZ/

Usage:

cd /var/log/letsencrypt/
wget https://raw.githubusercontent.com/ahaw021/LE_FIND_PENDING_AUTHZ/master/LE_FIND_PENDING_AUTHZ.py

Edit python script LE_FIND_PENDING_AUTHZ.py and modify these 2 variables:

Before:

PATH = r""
KEY_FOLDER = r""

After (you need to use the right path to your account on key_folder variable):

PATH = r"/var/log/letsencrypt"
KEY_FOLDER = r"/etc/letsencrypt/accounts/acme-v01.api.letsencrypt.org/directory/xxxxxxxxxxxxxxxxxxxxxxxxx"

Save the file and execute it:

python LE_FIND_PENDING_AUTHZ.py

the script should invalidate the pending authzs (you should see something like this):

Reviewing Auth: 9lzHojU6yyT2vEzYuI0wnha1A3UR8eKObjiQJQdvkk0
         Status:pending Domain: yourdomain.tld  Expires: 2017-10-16T20:34:12Z
Invalidating :9lzHojU6yyT2vEzYuI0wnha1A3UR8eKObjiQJQdvkk0

and if you run the script again, the previous pending authz should be invalid now:

Reviewing Auth: 9lzHojU6yyT2vEzYuI0wnha1A3UR8eKObjiQJQdvkk0
         Status:invalid Domain: yourdomain.tld  Expires: 2017-10-16T20:34:12Z

If you have invalidated the pending authzs you should try to renew your certs again.

I hope this helps.

Cheers,
sahsanu

hubceo · October 14, 2017, 7:27pm

That is a great description…
It totally worked!
Thank you very much.

By the way, the underlying reason for the multiple requests was that our DNS did not support CAA records. We upgraded that and bam. Everything worked. Thank you for helping me get rid of those pending requests.

Cheers back at you.
Mickey (Hubceo)

system · November 13, 2017, 7:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.