When Generate certificate,An unexpected error occurred

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot --nginx

It produced this output: Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Obtaining a new certificate
An unexpected error occurred:
The client sent an unacceptable anti-replay nonce :: JWS has an invalid anti-replay nonce: "01046InS_If89cnvaQhZP0Po5K49plN0xNeUTAiVvl33CL4"
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version): ngnix

The operating system my web server runs on is (include version): ubuntu 18

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

1 Like


1 Like


That probably shouldn't happen - Certbot is supposed to try again if it encounters a bad nonce error.

Could you try again right now?

If this happens repeatedly, could you please the contents of /var/log/letsencrypt/letsencrypt.log?

1 Like

it's ok now.
After another half an hour

Perhaps @dojobwill is running an older/ancient version of certbot? I didn't see a version number in the OP unfortunately.

Possibly! Can't really infer the version from the posted output.

Another possibility: checking the acme module again, Certbot will only retry a badNonce error once. It's possible that OP ran into back-to-back nonce errors due to random chance, or maybe there was something happening on the CA side.