Proper way to move certificate from one VPS to another

RyanQYao · November 30, 2019, 10:15pm

1. My Caddy version (`caddy -version`):

I installed with this script wget -N --no-check-certificate https://raw.githubusercontent.com/ToyoDAdoubiBackup/doubi/master/caddy_install.sh && chmod +x caddy_install.sh && bash caddy_install.sh

caddy -version didn’t work for me.

2. How I run Caddy:

a. System environment:

Ubuntu18.04

b. Command:

/etc/init.d/caddy start

d. My complete Caddyfile:

 gzip
 tls myemailhere@email.com
 proxy / 127.0.0.1:8080 {
    header_upstream Host {host}
    header_upstream X-Real-IP {remote}
    header_upstream X-Forwarded-For {remote}
    header_upstream X-Forwarded-Proto {scheme}
  }
}

rsshub.mydomainhere.com {
 gzip
 tls myemailhere@email.com
 proxy / 127.0.0.1:1200 {
    header_upstream Host {host}
    header_upstream X-Real-IP {remote}
    header_upstream X-Forwarded-For {remote}
    header_upstream X-Forwarded-Proto {scheme}
  }
}

search.mydomainhere.com {
 gzip
 tls myemailhere@email.com
 proxy / 127.0.0.1:8888 {
    header_upstream Host {host}
    header_upstream X-Real-IP {remote}
    header_upstream X-Forwarded-For {remote}
    header_upstream X-Forwarded-Proto {scheme}
  }
}

3. The problem I’m having:

I want to move my services from one VPS to another one. So I added my old domain to the new VPS and changed the NS to make the domain is pointing to my new VPS. Then I installed caddy with the script above. I copied the Caddyfile from the old VPS to the new VPS. Then I start caddy as usual /etc/init.d/caddy start. When I check the log it tells me failed to obtain certificate.

4. Error messages and/or full log output:

failed to obtain certificate: acme: error: 429 :: POST :: https://acme-v02.api.letsencrypt.org/acme/new-order :: urn:ietf:params:acme:error:rateLimited :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/, url:

5. What I already tried:

Then I copied both Caddyfile and caddy to my new VPS, then run caddy. It still doesn’t work. So I guess right now I have to wait for another week before I try anything else.

My question is that what is the proper way to move the certificate from one VPS to another VPS. I want to use the same domain on my new VPS. Thanks

Whitestrake · December 1, 2019, 5:58am

Hi @RyanQYao,

An error like that means you would have had Caddy output errors multiple times, but you continued trying to restart it. Without the original errors, any troubleshooting steps would simply be double checking things and hoping you fixed the problem. You could double check your DNS, your firewall, etc, but getting around the rate limit and testing it again (once!) to find out what the actual problem is would be easier.

Your rate limit might be a bit shorter than you think:

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems.
—Rate Limits - Let's Encrypt

You should:

Change to the staging enviroment.
Run Caddy again, without restarting it on failure.
Examine Caddy’s output.

system · February 29, 2020, 5:58am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.