Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. SSL Is rate limited and I want to install cloudflare

SSL Is rate limited and I want to install cloudflare

Scheduled Pinned Locked Moved Unsolved Support
certificatesletsencrypt
3 Posts 3 Posters 557 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      A Offline
      aziz
      wrote on last edited by girish
      #1

      NET::ERR_CERT_AUTHORITY_INVALID

      4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

      And my console when I renew the cert

      checkCerts
      Oct 22 18:14:15 box:settings initCache: pre-load settings
      Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
      Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
      Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
      Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
      Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
      Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
      Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
      Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
      Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
      Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
      Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
      Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

      I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

      nebulonN 1 Reply Last reply
      0
      • A aziz

        NET::ERR_CERT_AUTHORITY_INVALID

        4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

        And my console when I renew the cert

        checkCerts
        Oct 22 18:14:15 box:settings initCache: pre-load settings
        Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
        Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
        Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
        Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
        Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/        .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
        Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
        Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
        Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/        .devz.cloud.key
        Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
        Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/        .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
        Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
        Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
        Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
        Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
        Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
        Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
        Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
        Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
        Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
        Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
        Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
        Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
        Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
        Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
        Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
        Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
        Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
        Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
        Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
        Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
        Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
        Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
        Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
        Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
        Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
        Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
        Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
        Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
        Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
        Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
        Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
        Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
        Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/        .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
        Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
        Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
        Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/        .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
        Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
        Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
        Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
        Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
        Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

        I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

        nebulonN Offline
        nebulonN Offline
        nebulon
        Staff
        wrote on last edited by
        #2

        @aziz this may be some other bug actually as the logs indicate you have a valid certificate already, yet then goes on and tries to get a fresh one, despite the old one being valid for another 87 days. If this bug is hit in a loop I can see how you hit the rate-limit. Maybe this is a permission issue on your instance. Not sure, if you want, enable remote ssh support https://docs.cloudron.io/support/#remote-support and if you do, send us a mail to support@cloudron.io with your dashboard domain.

        1 Reply Last reply
        0
        • girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #3

          @aziz So, certificate for *.devz.cloud is already there, so if you install apps on subdomain it will work. Cert for devz.cloud (it is not a subdomain, so we have to get a separate cert from the wildcard cert) is getting rate limited.

          You can just wait for 2-3 days to install an app on the bare domain and that should work. You should be able to install apps in subdomains in the meantime.

          1 Reply Last reply
          1
          Reply
          • Reply as topic
          Log in to reply
          • Oldest to Newest
          • Newest to Oldest
          • Most Votes

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search