Comments (7)
@Korenchkin You have hit the rate limit by Let's Encrypt. You can use a wildcard certificate with DNS challenge or put all the subdomains / hostnames into a single certificate (i.e. generate a certificate with multiple subdomains, separated by commas, like sub1.example.com,sub2.example.com, and the rest of your 17 host names).
If you are migrating from Caddy to Zoraxy (which we usually recommend advanced users to move from Zoraxy to Caddy instead), you do not generate a set of new certificates. Instead, you should migrate the certificates from your old setup to the new one following this guide here.
from zoraxy.
This I understand, and I had imported the rest of the certificates, but in the end this bug remains. You seem to create a new Let's Encrypt login for each certificate, otherwise I would have 1 or 2 new registrations (I was testing) on my IP...
What happens on renewal if I have 20 certificates ending at the same time? Renew 10, fail the rest and retry the next day?
I.e. no cached login means a new registration for each certificate; cached login means one registration for 20 certificates and no problem (or other limits might apply, but probably much higher).
Or do I understand it wrong how Let's Encrypt works?
from zoraxy.
@Korenchkin I don't know what you mean by login. You do not need to log in to anything to use Let's Encrypt. If you have 20 sites that need to be served over TLS / HTTPS, use a cert that contains multiple hostnames (SAN certificate). Zoraxy supports generating SAN certificates via Let's Encrypt, so I am not sure what your problem is here.
from zoraxy.
You don't need a login, but you should use it once you get it. If you try Caddy, for example, create some server and run find / | grep 'servername' to locate where it is; in the same location (for me /var/lib/caddy/.local/share/caddy/acme/acme-v02.api.letsencrypt.org-directory/users/'email'/'namebefore@'.json and key), this is your login.
If you create a new login (I believe you create one, maybe without knowing it) for each certificate, you hit the limit after 10 certificates (10 new logins).
The key is just a small ~200 byte private key.
Edit: in Caddy I have one name per certificate; I prefer it for security reasons (if you look at the certificate, you don't know what other servers I have).
from zoraxy.
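The cached-account point made in the comment above, as an added Go example that is not code from Zoraxy, Caddy or any participant in this thread: an ACME account is bound to its account key, so a client that persists the key and reloads it registers one account however many certificates it requests. The function names and key file paths are hypothetical, and no ACME request is sent.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
)

// loadOrCreateAccountKey reuses the key at path; created=true means a new ACME account would be registered.
func loadOrCreateAccountKey(path string) (*ecdsa.PrivateKey, bool, error) {
	if data, err := os.ReadFile(path); err == nil {
		block, _ := pem.Decode(data)
		if block == nil {
			return nil, false, fmt.Errorf("%s: no PEM block", path)
		}
		key, err := x509.ParseECPrivateKey(block.Bytes)
		return key, false, err
	} else if !os.IsNotExist(err) {
		return nil, false, err
	}
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, false, err
	}
	der, err := x509.MarshalECPrivateKey(key)
	if err != nil {
		return nil, false, err
	}
	pemBytes := pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: der})
	return key, true, os.WriteFile(path, pemBytes, 0o600) // owner-only: the key controls the account
}

// registrationsNeeded counts new accounts when each host's issuance shares one key file.
func registrationsNeeded(keyPath string, hosts []string) (n int, err error) {
	for range hosts {
		_, created, err := loadOrCreateAccountKey(keyPath)
		if err != nil {
			return n, err
		} else if created {
			n++
		}
	}
	return n, nil
}

func main() { // constructed input: 20 hostnames, one certificate each
	fmt.Println(registrationsNeeded(os.TempDir()+"/acme-example.key", make([]string, 20)))
}
```

A client that skips the load step and generates a fresh key for every certificate would report `created` each time, which is the pattern that runs into the per-IP registration limit discussed in this thread.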
Hmmm, let's ping the ACME module author and ask for his opinion @yeungalan .
from zoraxy.
Hi, it sounds like you hit Let's Encrypt's registration limit, which is 10 accounts per IP address every 3 hours. To reduce the amount of repeated registration, you may try to merge your domains into a single certificate, and that should resolve your issue.
https://letsencrypt.org/docs/too-many-registrations-for-this-ip/
from zoraxy.
checking in to improve this procedure
from zoraxy.