After initial setup of DigitalOcean droplet, get Refused to Connect error

Just to point out something that happened to me. I used a testing server whose setup is entirely done by Ansible, and after I use the site, I destroy it (Ansible handles the destruction of the droplets, DigitalOcean Spaces and so on, so that I’m not charged when not using it).

What happened is that Let’s Encrypt has rate limits, and my domain exceeded them, so I started receiving the error that the page couldn’t be reached, and it was a bit hard to trace the cause to the certificate rate limit (at first I thought it was something about IPv6 or SSL + IPv6).

Running ./launcher logs app, I saw a huge number of errors, basically saying:

nginx: [emerg] cannot load certificate "/shared/ssl/mydomain.com.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)

lots and lots of times…

In the very beginning of the logs (thankfully the number of lines to be displayed in the terminal was not exceeded) there was the reason:

Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates already issued for exact set of domains: mydomain.com: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}

So for anyone who faces this in the future, make sure not to exceed the rate limit (in my case, for these test sites that I create several times per week, I can just not use SSL to avoid this problem).

9 Likes
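
The diagnosis described in the post above, as an added example that is not part of the original post: a shell function that reads launcher logs on stdin, counts the repeated nginx certificate failures (the symptom) and pulls out the first ACME problem type and detail (the cause). The function names `triage_cert_logs` and `sample_log` are hypothetical, and the sample log is constructed from the lines quoted in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Separates the nginx symptom
# from the ACME root cause in Discourse launcher logs read on stdin.
# Assumed use: ./launcher logs app 2>&1 | triage_cert_logs

triage_cert_logs() {
    log=$(cat)

    # Symptom: nginx cannot parse the certificate file (repeats on each restart).
    failures=$(printf '%s\n' "$log" | grep -c 'cannot load certificate' || true)

    # Root cause: first ACME problem type ("urn:ietf:params:acme:error:*").
    urn=$(printf '%s\n' "$log" | grep -o 'urn:ietf:params:acme:error:[A-Za-z]*' | head -n 1)
    etype=${urn##*:}

    # Human-readable explanation from the same problem document, if present.
    detail=$(printf '%s\n' "$log" |
        sed -n 's/.*"detail": *"\(.*\)",*[[:space:]]*$/\1/p' | head -n 1)

    if [ "$etype" = "rateLimited" ]; then
        cause="rate_limited"
    elif [ -n "$etype" ]; then
        cause="acme_error:$etype"
    elif [ "$failures" -gt 0 ]; then
        cause="cert_unreadable_no_acme_error"
    else
        cause="none"
    fi

    echo "cause=$cause nginx_cert_failures=$failures"
    [ -n "$detail" ] && echo "detail=$detail"
    return 0
}

# Constructed sample log, built from the lines quoted in the post.
sample_log() {
cat <<'EOF'
Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates already issued for exact set of domains: mydomain.com: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}
nginx: [emerg] cannot load certificate "/shared/ssl/mydomain.com.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: [emerg] cannot load certificate "/shared/ssl/mydomain.com.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
EOF
}

sample_log | triage_cert_logs
```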