Unable to get certificate for shared hosting

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (crt.sh | macaronesico.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: macaronesico.com

I ran this command: requested letsencrypt via DirectAdmin

It produced this output:

Found DNS provider configured: porkbun
2022/01/04 17:50:02 [INFO] [macaronesico.com, *.macaronesico.com] acme: Obtaining SAN certificate
2022/01/04 17:50:03 [INFO] [*.macaronesico.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/64705601000
2022/01/04 17:50:03 [INFO] [macaronesico.com] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/65002056600
2022/01/04 17:50:03 [INFO] [macaronesico.com] acme: authorization already valid; skipping challenge
2022/01/04 17:50:03 [INFO] [*.macaronesico.com] acme: use dns-01 solver
2022/01/04 17:50:03 [INFO] [*.macaronesico.com] acme: Preparing to solve DNS-01
2022/01/04 17:50:04 [INFO] [*.macaronesico.com] acme: Cleaning DNS-01 challenge
2022/01/04 17:50:04 [WARN] [*.macaronesico.com] acme: cleaning up failed: porkbun: unknown record ID for '_acme-challenge.macaronesico.com.' 'uAVRD-t1spFTe6Axl2cTYvPaY0zMIb-Munn9_YjrT-Y' 
2022/01/04 17:50:04 [INFO] Skipping deactivating of valid auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/64705601000
2022/01/04 17:50:04 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/65002056600
2022/01/04 17:50:05 Could not obtain certificates:
	error: one or more domains had a problem:
[*.macaronesico.com] [*.macaronesico.com] acme: error presenting token: porkbun: failed to create record: 400: {"status":"ERROR","message":"Domain is not opted in to API access."}
Certificate generation failed.

My web server is (include version): Shared webserver

The operating system my web server runs on is (include version): linux?

My hosting provider, if applicable, is:dactica hosting

I can login to a root shell on my machine (yes or no, or I don't know): negative

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
DirectAdmin

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Some test I made:
https://unboundtest.com/m/CAA/macaronesico.com/AE7QSWD5

https://tools.letsdebug.net/cert-search?m=domain&q=macaronesico.com&d=2160

I have a bunch of certificates in the domain that I cant revoke because the server was a selfhosting test and now its formated.
I changed DNS to dns1.dominiodns.com and dns2.dominiodns.com but letsencrypt still tries to handle certificate via registrar porkbun
Any hint will be apreciated!

LE is using a cached validation (for your account - which it can do for up to 30 days):

Revoking is not required.

Speak with the HSP (Hosting Service Provider) about the problem DirectAdmin seems to be giving you. Way too many certs are being issued by it.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.