Article

Ghost setup ssl : One or more errors occurred.

2 minute de lecture
Par Stéphane
Ghost setup ssl : One or more errors occurred.

After entering the command : ghost setup ssl and entering my email, the following command is issued by the script :

+ sudo /etc/letsencrypt/acme.sh --issue --home /etc/letsencrypt --domain www.mywebsite.com --webroot /var/www/ghost/www.mywebsite.com/system/nginx-root --reloadcmd "nginx -s reload" --accountemail [email protected]

But an error is output :

✖ Setting up SSL
One or more errors occurred.

1) ProcessError

What's a bit weird is that :

[Sun 30 May 2021 11:58:46 PM CEST] Lets finalize the order.
[Sun 30 May 2021 11:58:46 PM CEST] Le_OrderFinalize='https://acme-v02.api.letsencrypt.org/acme/finalize/17676853/1068644378'

Exit code: 1


Debug Information:
    OS: Ubuntu, v20.04.2 LTS
    Node Version: v14.17.0
    Ghost Version: 4.6.4
    Ghost-CLI Version: 1.17.3
    Environment: production
    Command: 'ghost setup ssl'

I ran the /etc/letsencrypt/acme.sh myself, and here is what I found :

[Mon 31 May 2021 12:00:35 AM CEST] Le_LinkOrder
[Mon 31 May 2021 12:00:35 AM CEST] Le_OrderFinalize
[Mon 31 May 2021 12:00:35 AM CEST] Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}

What ? I'm being rateLimited ???

Well, this is actually very well documented by Let's Encrypt :

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems. Exceeding the Failed Validations limit is reported with the error message too many failed authorizations recently.

And also there https://letsencrypt.org/docs/staging-environment/

We highly recommend testing against our staging environment before using our production environment. This will allow you to get things right before issuing trusted certificates and reduce the chance of your running up against rate limits.

Note that this page has just been updated (7 days ago).

So, do not issue ghost setup ssl too many times, unless you know that it'work.

But, of course, there is Murphy's law... that's why you have 5 retries within an hour I guess.

Article
Stéphane

Stéphane

Vintage computing, retro computing, photographie et Ingress.

Article précédent

Finir un enregistrement d'écran sur iPhone SANS voir le retour au centre de contrôle à la fin
Article suivant

Trouver la date de fabrication d'un matériel photo Fujifilm

Articles en relation

La Chienlit
Suivre