@phenomlab oh, i need to request new certificate or renew?
@justoverclock Try to renew it. If that doesn’t work, then request a new one
@phenomlab nothing happen
Ultimo rinnovo fallito 01/11/2022 1:09:26 PM
Rinnovo fallito a causa di Web-based validation failed :
Saving debug log to /var/log/letsencrypt/letsencrypt.log
@justoverclock And if you try to request a new one ?
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
so i need to wait hour? month? 
@justoverclock Yep, that’s the rate-limit message. Try again in an hour.
@phenomlab after one hour or more:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator manual, Installer None
Renewing an existing certificate
Performing the following challenges:
dns-01 challenge for justoverclock.it
dns-01 challenge for justoverclock.it
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Running manual-auth-hook command: /etc/webmin/webmin/letsencrypt-dns.pl
Waiting for verification...
Challenge failed for domain justoverclock.it
Challenge failed for domain justoverclock.it
dns-01 challenge for justoverclock.it
dns-01 challenge for justoverclock.it
Cleaning up challenges
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Running manual-cleanup-hook command: /etc/webmin/webmin/letsencrypt-cleanup.pl
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: justoverclock.it
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.justoverclock.it - check that a DNS record exists
for this domain
Domain: justoverclock.it
Type: dns
Detail: DNS problem: NXDOMAIN looking up TXT for
_acme-challenge.justoverclock.it - check that a DNS record exists
for this domain
@justoverclock Seems your _acme-challenge DNS record is missing ?
@phenomlab didn’t touch anything from your last visit 
@justoverclock Very odd. Let me have a look at another way
@justoverclock I have installed the --nginx version of certbot on your server as per
https://sudonix.com/post/689
It’s showing that the renewal will work, but the rate-limit is currently still enforced, so we still need to wait.
Performing the following challenges:
http-01 challenge for justoverclock.it
http-01 challenge for www.justoverclock.it
Waiting for verification...
Cleaning up challenges
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/justoverclock.it/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/admin.justoverclock.it/fullchain.pem (success)
/etc/letsencrypt/live/forum.justoverclock.it/fullchain.pem (success)
/etc/letsencrypt/live/justoverclock.it/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
IMPORTANT NOTES:
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
root@justoverclock:/home/justoverclock#
@justoverclock should be resolved now
As a side note, this renewal won’t show in Virtualmin unless it is requested from there. This is done from the command line, so
certbot --nginx and follow the prompts
undefined phenomlab has marked this topic as solved on
@phenomlab so this is the command that i need to use everytime my certificate expire? thank you, precious as always
@justoverclock Not necessarily. You only need to use this if it fails from the Virtualmin window
