Requesting SSL and not working

ilouie · July 23, 2021, 1:31pm

Guys, I have a brand new install of Centos 8, I have tried installing SSL on a domain and it keeps failing, now I have the too many tries error. I’d like to know what’s causing this issue. The DNS for the domain seems to be pointing to the IP Address. If you check the DNS to intrelligentconnect.com you’ll see it pointing to the IP Address. DNS Checker - DNS Propagation Check & DNS Lookup (whatsmydns.net) I also have Certbot installed as well. Here’s the error found in var/log/letsencrypt… Any suggestions on how to fix this issue?. Thanks in advance.

2021-07-23 13:17:55,258:DEBUG:certbot._internal.log:Exiting abnormally: Traceback (most recent call last): File "/bin/letsencrypt", line 11, in <module> load_entry_point('certbot==1.14.0', 'console_scripts', 'certbot')() File "/usr/lib/python3.6/site-packages/certbot/main.py", line 15, in main return internal_main.main(cli_args) File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 1435, in main return config.func(config, plugins) File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 1304, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/lib/python3.6/site-packages/certbot/_internal/main.py", line 140, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python3.6/site-packages/certbot/_internal/client.py", line 444, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python3.6/site-packages/certbot/_internal/client.py", line 374, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3.6/site-packages/certbot/_internal/client.py", line 406, in _get_order_and_authorizations orderr = self.acme.new_order(csr_pem) File "/usr/lib/python3.6/site-packages/acme/client.py", line 880, in new_order return cast(ClientV2, self.client).new_order(csr_pem) File "/usr/lib/python3.6/site-packages/acme/client.py", line 658, in new_order response = self._post(self.directory['newOrder'], order) File "/usr/lib/python3.6/site-packages/acme/client.py", line 86, in _post return self.net.post(*args, **kwargs) File "/usr/lib/python3.6/site-packages/acme/client.py", line 1198, in post return self._post_once(*args, **kwargs) File "/usr/lib/python3.6/site-packages/acme/client.py", line 1211, in _post_once response = self._check_response(response, content_type=content_type) File "/usr/lib/python3.6/site-packages/acme/client.py", line 1068, in _check_response raise messages.Error.from_json(jobj) acme.messages.Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/ 2021-07-23 13:17:55,263:ERROR:certbot._internal.log:An unexpected error occurred: 2021-07-23 13:17:55,263:ERROR:certbot._internal.log:There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Requesting a certificate for intrelligentconnect.com
Performing the following challenges:
http-01 challenge for intrelligentconnect.com
Using the webroot path /home/intrelligentconnect/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain intrelligentconnect.com
http-01 challenge for intrelligentconnect.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: intrelligentconnect.com
   Type:   unauthorized
   Detail: Invalid response from
   http://intrelligentconnect.com/.well-known/acme-challenge/sa3_f6BOYyEDZHJ1qO4Z_j1V1Qrh6P8AAlbZ-uvaiOE
   [2604:a880:400:d0::20bb:1]: "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD
   HTML 2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Requesting a certificate for intrelligentconnect.com
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

Centos 8.4
Webmin 19.73
VM 6.16

SYSTEM INFORMATION

OS type and version:	REQUIRED
Webmin version:	REQUIRED
Virtualmin version:	REQUIRED
Related products version:	RECOMMENDED

Joe · July 23, 2021, 3:32pm

Either your DNS is wrong and not pointing the the right IP, or something is preventing access to the .well-known directory.

ilouie · July 24, 2021, 12:09am

Thanks Joe. I created a different Droplet with C 8, and I still keep getting the errors when trying to install SSL. What is it that I’m missing, is there something besides Certbot that needs to be isntalled? I never had these issues with Centos 7… Please advice.

Here are the latest errors:

`Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Requesting a certificate for intrelligentconnect.com
Performing the following challenges:
http-01 challenge for intrelligentconnect.com
Using the webroot path /home/intrelligentconnect/public_html for all unmatched domains.
Waiting for verification...
Challenge failed for domain intrelligentconnect.com
http-01 challenge for intrelligentconnect.com
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: intrelligentconnect.com
   Type:   unauthorized
   Detail: Invalid response from
   http://intrelligentconnect.com/.well-known/acme-challenge/kojdGQmVIadeo6TDIVlZsNgTYOpo3Ea7voZO4gsuYok
   [2604:a880:400:d0::1973:b001]: "<!DOCTYPE HTML PUBLIC
   \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not
   Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p"

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address.`

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Requesting a certificate for intrelligentconnect.com
Performing the following challenges:
dns-01 challenge for intrelligentconnect.com
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification...
Challenge failed for domain intrelligentconnect.com
dns-01 challenge for intrelligentconnect.com
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: intrelligentconnect.com
   Type:   dns
   Detail: DNS problem: NXDOMAIN looking up TXT for
   _acme-challenge.intrelligentconnect.com - check that a DNS record
   exists for this domain

I see the domain has propagated.
DNS Checker - DNS Propagation Check & DNS Lookup (whatsmydns.net)

ilouie · July 24, 2021, 8:35pm

Certbot wasn’t completely set up. Now it’s working… TY

system · August 1, 2021, 8:36pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.