Unblock request

I tried to request a certificate using tls-alpn-01 and dehydrated.io, but the ALPN Responder is not working. I tried to fix it for 5 times, then my IP is blocked for a whole week (according to https://letsencrypt.org/docs/rate-limits/).
Could anyone please unblock my IP, and tell me how to get a working responder?

My domain is: shezik.ddns.net

I ran this command: sudo ./dehydrated -c -f config

It produced this output: HTTP/1.1 429 Too Many Requests

My web server is (include version): lighttpd

The operating system my web server runs on is (include version): Debian 9

My hosting provider, if applicable, is: noip

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Dehydrated git-master-after-0.6.2

Hi,

Do you have an exact message that could share to us?

You probably are hitting Failed Validation limit

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems.

Thank you

Hi.
What should I exactly do?
I ran the command again and the error magically disappeared. Am I unblocked?
Now I just need an “ALPN Responder”. Could you help me?
Thanks a lot!

Hi,

I’m not familiar with ALPN / Dehydrated, but i assume the following doc would help: (From Dehydrated on Github)

Hi.
I'm currently using his ALPN responder. But every time it gets a request, I get the following errors:

Exception happened during processing of request from ('64.78.149.164', 37368)
Traceback (most recent call last):
File "/usr/lib/python3.5/socketserver.py", line 625, in process_request_thread
self.finish_request(request, client_address)
File "/usr/lib/python3.5/socketserver.py", line 354, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.5/socketserver.py", line 681, in init
self.handle()
File "alpn-responder.py", line 48, in handle
ssl_context = self.create_context(FALLBACK_CERTIFICATE, FALLBACK_KEY, True)
File "alpn-responder.py", line 26, in create_context
ssl_context.load_cert_chain(certfile=certfile, keyfile=keyfile)
FileNotFoundError: [Errno 2] No such file or directory

I found that I have neither /etc/ssl/certs/ssl-cert-snakeoil.pem nor /etc/ssl/private/ssl-cert-snakeoil.key. Is this the problem?

Hi,

I think that's the problem. (Since the error simply states "No such file or directory")
You should edit that to match the fallback certificate you would use for your domain...

Thank you

Hi.
Could you tell me what a fallback certificate is?
Thanks a lot!

On Debian-like distros, installing the ssl-cert package creates the snakeoil certificate for you.

If you've installed it and those files are still not present, you can run:

make-ssl-cert generate-default-snakeoil
3 Likes

Okay, thanks for your huge help!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.