Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps - Status | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. SSL Is rate limited and I want to install cloudflare

SSL Is rate limited and I want to install cloudflare

Scheduled Pinned Locked Moved Solved Support
certificatesletsencrypt
3 Posts 3 Posters 1.2k Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A Offline
    A Offline
    aziz
    wrote on last edited by girish
    #1

    NET::ERR_CERT_AUTHORITY_INVALID

    4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

    And my console when I renew the cert

    checkCerts
    Oct 22 18:14:15 box:settings initCache: pre-load settings
    Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
    Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
    Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
    Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
    Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.key
    Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
    Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
    Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
    Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
    Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
    Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
    Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
    Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
    Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
    Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
    Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

    I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

    nebulonN 1 Reply Last reply
    0
    • A aziz

      NET::ERR_CERT_AUTHORITY_INVALID

      4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

      And my console when I renew the cert

      checkCerts
      Oct 22 18:14:15 box:settings initCache: pre-load settings
      Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
      Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
      Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
      Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
      Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
      Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
      Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
      Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
      Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
      Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
      Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
      Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

      I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

      nebulonN Offline
      nebulonN Offline
      nebulon
      Staff
      wrote on last edited by
      #2

      @aziz this may be some other bug actually as the logs indicate you have a valid certificate already, yet then goes on and tries to get a fresh one, despite the old one being valid for another 87 days. If this bug is hit in a loop I can see how you hit the rate-limit. Maybe this is a permission issue on your instance. Not sure, if you want, enable remote ssh support https://docs.cloudron.io/support/#remote-support and if you do, send us a mail to support@cloudron.io with your dashboard domain.

      1 Reply Last reply
      0
      • girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #3

        @aziz So, certificate for *.devz.cloud is already there, so if you install apps on subdomain it will work. Cert for devz.cloud (it is not a subdomain, so we have to get a separate cert from the wildcard cert) is getting rate limited.

        You can just wait for 2-3 days to install an app on the bare domain and that should work. You should be able to install apps in subdomains in the meantime.

        1 Reply Last reply
        1
        • jamesJ james has marked this topic as solved on

        Hello! It looks like you're interested in this conversation, but you don't have an account yet.

        Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

        With your input, this post could be even better 💗

        Register Login
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search