Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. SSL Is rate limited and I want to install cloudflare

SSL Is rate limited and I want to install cloudflare

Scheduled Pinned Locked Moved Unsolved Support
certificatesletsencrypt
3 Posts 3 Posters 617 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • A Offline
    A Offline
    aziz
    wrote on last edited by girish
    #1

    NET::ERR_CERT_AUTHORITY_INVALID

    4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

    And my console when I renew the cert

    checkCerts
    Oct 22 18:14:15 box:settings initCache: pre-load settings
    Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
    Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
    Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
    Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
    Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.key
    Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
    Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
    Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
    Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
    Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
    Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
    Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
    Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
    Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
    Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
    Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
    Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
    Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
    Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
    Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
    Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
    Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
    Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/    .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
    Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
    Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
    Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
    Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

    I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

    nebulonN 1 Reply Last reply
    0
    • A aziz

      NET::ERR_CERT_AUTHORITY_INVALID

      4cc3c829-0257-48a2-92c6-2d12b2a763c0-image.png

      And my console when I renew the cert

      checkCerts
      Oct 22 18:14:15 box:settings initCache: pre-load settings
      Oct 22 18:14:15 box:taskworker Starting task 73. Logs are at /home/yellowtent/platformdata/logs/tasks/73.log
      Oct 22 18:14:15 box:tasks 73: {"percent":2,"error":null}
      Oct 22 18:14:15 box:tasks 73: {"percent":1,"message":"Ensuring certs of my.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: my.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.1341194675926
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":26,"message":"Ensuring certs of test.devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: test.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.key
      Oct 22 18:14:15 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13411917824074
      Oct 22 18:14:15 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:15 box:tasks 73: {"percent":51,"message":"Ensuring certs of devz.cloud"}
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: devz.cloud cert does not exist
      Oct 22 18:14:15 box:reverseproxy ensureCertificate: getting certificate for devz.cloud with options {"prod":true,"performHttpAuthorization":false,"wildcard":true,"email":"faziz4911@outlook.sa"}
      Oct 22 18:14:15 box:cert/acme2 getCertificate: attempt 1
      Oct 22 18:14:15 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:15 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0101jF-st20zZzi6eL2phy-mDC85Wq9U5cCzJQcZuEHcwqE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:15 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:15 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:15 box:cert/acme2 sendSignedRequest: using nonce 0102u0gtzaL0GPDx-hTQy6P2_uV4HfRwl4Su7P06KNr5Nxk for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102srJGvBOG3Hiacset3kFi-JTG005puX3LnSkHiHOPk5E for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:16 box:cert/acme2 getCertificate: attempt 2
      Oct 22 18:14:16 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:16 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0102oMuXu5-pT-j0HLeGauy1X9XE18lmoQAK_TBll-yO_XE for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:16 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:16 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:16 box:cert/acme2 sendSignedRequest: using nonce 0101drspmA_ZPCI7tFz67SrIb_nY7aBQk63HbcQFIC31RxM for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:17 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0102ey8bannQy2_xDWaA3rW7F6cwBLwj8Zd4qyLtCu2cfhs for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:17 box:cert/acme2 getCertificate: attempt 3
      Oct 22 18:14:17 box:cert/acme2 getCertificate: start acme flow for devz.cloud from https://acme-v02.api.letsencrypt.org/directory
      Oct 22 18:14:17 box:cert/acme2 registerUser: registering user
      Oct 22 18:14:17 box:cert/acme2 sendSignedRequest: using nonce 0101PpaQFUOLybXOQGhg3U0YKY3h_MPRPKt9nLICiui45vo for url https://acme-v02.api.letsencrypt.org/acme/new-acct
      Oct 22 18:14:17 box:cert/acme2 registerUser: user registered keyid: https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:17 box:cert/acme2 updateContact: registrationUri: https://acme-v02.api.letsencrypt.org/acme/acct/208177800 email: faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102JJhn_Gcpw3O0nhYKxGZeoz9tLmaKZiClpagbTGjLraQ for url https://acme-v02.api.letsencrypt.org/acme/acct/208177800
      Oct 22 18:14:18 box:cert/acme2 updateContact: contact of user updated to faziz4911@outlook.sa
      Oct 22 18:14:18 box:cert/acme2 newOrder: devz.cloud
      Oct 22 18:14:18 box:cert/acme2 sendSignedRequest: using nonce 0102ryT8-GhcAKp4JxM5lIXLEeyIm-1wTajNBBLwgGwOhao for url https://acme-v02.api.letsencrypt.org/acme/new-order
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: error: Failed to send new order. Expecting 201, got 4JUdGzvrMFDWrUUwY3toJATSeNwjn54LkCnKBPRzDuhzi5vSepHfUckJNxRL2gjkNrSqtCoRUrEDAgRwsQvVCjZbRyFTLRNyDmT1a1boZVcertificates (5) already issued for this exact set of domains in the last 168 hours: devz.cloud: see https://letsencrypt.org/docs/rate-limits/","status":429} cert: /home/yellowtent/platformdata/nginx/cert/devz.cloud.cert
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: renewal of devz.cloud failed. using fallback certificates for devz.cloud
      Oct 22 18:14:18 box:tasks 73: {"percent":76,"message":"Ensuring certs of forum.devz.cloud"}
      Oct 22 18:14:18 box:reverseproxy ensureCertificate: forum.devz.cloud certificate already exists at /home/yellowtent/platformdata/nginx/cert/.devz.cloud.key
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407695601852
      Oct 22 18:14:18 box:reverseproxy providerMatchesSync: /home/yellowtent/platformdata/nginx/cert/.devz.cloud.cert subject=CN = .devz.cloud domain=.devz.cloud issuer=C = US, O = Let's Encrypt, CN = R3 wildcard=true/true prod=true/true issuerMismatch=false wildcardMismatch=false match=true
      Oct 22 18:14:18 box:reverseproxy renewCerts: Renewed certs of []
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/      .devz.cloud.cert notAfter=Jan 17 18:27:23 2022 GMT daysLeft=87.13407671296297
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/default.cert notAfter=Nov 26 18:09:20 2023 GMT daysLeft=765.1215419097222
      Oct 22 18:14:18 box:reverseproxy expiryDate: /home/yellowtent/platformdata/nginx/cert/devz.cloud.host.cert notAfter=Dec 28 19:26:58 2023 GMT daysLeft=797.1754538657408
      Oct 22 18:14:18 box:taskworker Task took 3.816 seconds
      Oct 22 18:14:18 box:tasks setCompleted - 73: {"result":[null,null],"error":null}
      Oct 22 18:14:18 box:tasks 73: {"percent":100,"result":[null,null],"error":null}

      I see it like it's ratelimit so i need cloudflare how do i setup it when I wanted to it keep redirect until the browser stops me

      nebulonN Offline
      nebulonN Offline
      nebulon
      Staff
      wrote on last edited by
      #2

      @aziz this may be some other bug actually as the logs indicate you have a valid certificate already, yet then goes on and tries to get a fresh one, despite the old one being valid for another 87 days. If this bug is hit in a loop I can see how you hit the rate-limit. Maybe this is a permission issue on your instance. Not sure, if you want, enable remote ssh support https://docs.cloudron.io/support/#remote-support and if you do, send us a mail to support@cloudron.io with your dashboard domain.

      1 Reply Last reply
      0
      • girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #3

        @aziz So, certificate for *.devz.cloud is already there, so if you install apps on subdomain it will work. Cert for devz.cloud (it is not a subdomain, so we have to get a separate cert from the wildcard cert) is getting rate limited.

        You can just wait for 2-3 days to install an app on the bare domain and that should work. You should be able to install apps in subdomains in the meantime.

        1 Reply Last reply
        1
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search