When I try to connect to my subdomain using Virtualmin/Webmin, I receive an error notification that the date of the “Let’s Encrypt” SSL Certificate which was already activated and very operational for the Virtual Server (erp.worklx.com), has expired which blocks direct access to the subdomain at the level of the various web browsers and considers this subdomain as a link which could be dangerous because it is not secure:
So, when I try to manually renew the SSL Certificate whose date has expired, I get the following error:
Requesting a certificate for erp.worklx.com from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for erp.worklx.com
Using the webroot path /home/worklx/domains/erp.worklx.com/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain erp.worklx.com
http-01 challenge for erp.worklx.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: erp.worklx.com
Type: unauthorized
Detail: 159.65.90.131: Invalid response from
http://erp.worklx.com/.well-known/acme-challenge/CKqPrRYpd2EPOBKBAZNuhdxj8r_oZOZ0A4rbOfLpFxY:
404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
1 - How to correct this problem of updating the SSL Certificate (Let’s Encrypt) on my “erp.worklx.com” subdomain (whose domain name “worklx.com” is registered with “Namecheap” and the Server Web is a Droplet from “DigitalOcean”) knowing that this certificate was activated and working very well but all of a sudden it doesn’t work anymore???
2 - Is there an effective method to configure the automatic activation or update of the SSL Certificate when it expires ???
And tried again to add a new SSL certificate to the affected subdomain (erp.worklx.com), this time I get a different following error:
Requesting a certificate for erp.worklx.com from Let's Encrypt ..
.. request failed : Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
DNS-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
I really need your help to renew SSL Let’s Encrypt Certificat for my subdomain erp.worklx.com.
Whether it is a subdomain is irrelevant. They’re all the same.
Are you sure DNS points to the right place? Are you proxying or redirecting or something that prevents Let’s Encrypt from being able to reach .well-known from the filesystem on that domain? That’d be your problem.
Thank you for your reply. But of course the DNS server points to the Digital Ocean Web Server. Because there is the subdomain name https://emm.worklx.com which we can see that the SSL Certificate works well and the padlock is displayed very well in web browsers even though it is a sub -domain hosted on the same Web Server (Droplet from Digitalocean) and the same main domain “worklx.com” registered with Namecheap.
How is it that the Virtual Server “emm.worklx.com” whose SSL certificate works well unlike that of the Virtual Server “erp.worklx.com” while the two subdomains use the same Web Server and the same Main Domain Name (worklx.com) from Namecheap ???
