Unable to meet CA SCT embedding requirements


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:


I ran this command:

sudo certbot --nginx -d dercocenteryusic.cl -d www.dercocenteryusic.cl

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dercocenteryusic.cl
http-01 challenge for www.dercocenteryusic.cl
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
The server experienced an internal error :: Error finalizing order :: Unable to meet CA SCT embedding requirements
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version):


The operating system my web server runs on is (include version):

Ubuntu 18.04

My hosting provider, if applicable, is:


I can login to a root shell on my machine (yes or no, or I don’t know):


I’m using a control panel to manage my site (no, or provide the name and version of the control panel):



Can you try again?

You didn’t do anything wrong – that error message just means Let’s Encrypt had a problem. (Or several of the Certificate Transparency services Let’s Encrypt uses had problems.)

With luck, it’ll be ok now.


It’s on the status page now:



I can confirm this is related to the incident on the status page.

@albertosoho I believe the root cause has been remediated and you’ll be able to retry with success now.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.