You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Processingfive.fortunekit.com+Creatingnewdirectory/etc/resty-auto-ssl/letsencrypt/certs/five.fortunekit.com...+Signingdomains...
+Generatingprivatekey...+Generatingsigningrequest...+RequestingnewcertificateorderfromCA...+Received1authorizationsURLsfromtheCA+Handlingauthorizationforfive.fortunekit.com+1pendingchallenge(s)+Deployingchallengetokens...deploy_challenge+Respondingtochallengeforfive.fortunekit.comauthorization...
invalid_challenge
Invalid challenge: DOMAIN=five.fortunekit.comRESPONSE={"type": "http-01","status": "invalid","error": {"type": "urn:ietf:params:acme:error:connection","detail": "Fetching https://five.fortunekit.com/.well-known/acme-challenge/geyhMh-KOQTyNQRDIurMja32h3Xjd4nmiE9UkFBn15w: Timeout after connect (your server may be slow or overloaded)","status": 400},"url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/4699231438/-vRiFQ","token": "geyhMh-KOQTyNQRDIurMja32h3Xjd4nmiE9UkFBn15w","validationRecord": [{"url": "http://five.fortunekit.com/.well-known/acme-challenge/geyhMh-KOQTyNQRDIurMja32h3Xjd4nmiE9UkFBn15w","hostname": "five.fortunekit.com","port": "80","addressesResolved": ["35.154.129.216"],"addressUsed": "35.154.129.216"},{"url": "https://five.fortunekit.com/.well-known/acme-challenge/geyhMh-KOQTyNQRDIurMja32h3Xjd4nmiE9UkFBn15w","hostname": "five.fortunekit.com","port": "443","addressesResolved": ["35.154.129.216"],"addressUsed": "35.154.129.216"}]}err: Can't load ./.rnd into RNG
140653820678592:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=./.rnd
, context: ssl_certificate_by_lua*, client: 106.210.248.44, server: 0.0.0.0:443
2020/05/20 10:36:17 [error] 4144#4144: *4 [lua] ssl_certificate.lua:97: issue_cert(): auto-ssl: issuing new certificate failed: dehydrated failure, context: ssl_certificate_by_lua*, client: 106.210.248.44, server: 0.0.0.0:443
2020/05/20 10:36:17 [error] 4144#4144: *4 [lua] ssl_certificate.lua:291: auto-ssl: could not get certificate for five.fortunekit.com - using fallback - failed to get or issue certificate, context: ssl_certificate_by_lua*, client: 106.210.248.44, server: 0.0.0.0:443
2020/05/20 10:36:35 [error] 4144#4144: *12 [lua] ssl_certificate.lua:68: issue_cert(): auto-ssl: failed to obtain lock: timeout, context: ssl_certificate_by_lua*, client: 66.133.109.36, server: 0.0.0.0:443
2020/05/20 10:36:35 [error] 4144#4144: *12 [lua] ssl_certificate.lua:291: auto-ssl: could not get certificate for five.fortunekit.com - using fallback - failed to get or issue certificate, context: ssl_certificate_by_lua*, client: 66.133.109.36, server: 0.0.0.0:443
2020/05/20 10:36:36 [error] 4144#4144: *16 [lua] ssl_certificate.lua:68: issue_cert(): auto-ssl: failed to obtain lock: timeout, context: ssl_certificate_by_lua*, client: 34.209.232.166, server: 0.0.0.0:443
That leads to 429 error like
{"type": "urn:ietf:params:acme:error:rateLimited","detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/","status": 429}
The text was updated successfully, but these errors were encountered:
I had the same problem. The solution however is kind of non obvious if you don't dig trough how nginx selects location blocks.
The solution :
# wildcard HTTP server for domainsserver {
listen80;
server_name _;
# Endpoint used for performing domain verification with Let's Encrypt.location/.well-known/acme-challenge/ {
content_by_lua_block {
auto_ssl:challenge_server()
}
}
location/ {
return301 https://$host$request_uri;
}
Why this works and your example doesn't : because you have a return statement at the root of the server, so nginx sees that and directly returns 301 instead of first matching the location you have. So, don't use return in the root of a server. ever.
Redirection of HTTP to https leads to failure in getting new certificates
I was trying to redirect HTTP request at the port 80 in nginx.conf
It is showing error like this
That leads to 429 error like
The text was updated successfully, but these errors were encountered: