Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I'm attempting to add a LetsEncrypt SSL Certificate to my Digital Ocean server. It's failing at the same step every time.
The domain in question has been there for about a year and is working. The A records are correct. I've restarted the server and Nginx just incase (turn it off and on again).
Any help would be appreciated (especially if I don't have to SSH into anything)
Creating well known challenge directory...
Installing LetsEncrypt client...
Cloning into 'letsencryptxxxxx'...
Configuring client...
Restarting Nginx...
* Restarting nginx nginx
...done.
* Reloading nginx configuration nginx
...done.
Generating Certificate...
# INFO: Using main config file /root/letsencryptxxxxx/config
+ Generating account key...
+ Registering account key with ACME server...
Processing purewebbrilliant.com with alternative names: www.purewebbrilliant.com
+ Signing domains...
+ Creating new directory /root/letsencryptxxxxx/certs/purewebbrilliant.com ...
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for purewebbrilliant.com...
+ Requesting challenge for www.purewebbrilliant.com...
+ Responding to challenge for purewebbrilliant.com...
+ Challenge is valid!
+ Responding to challenge for www.purewebbrilliant.com...
+ Challenge is valid!
+ Requesting certificate...
+ Checking certificate...
+ Done!
+ Creating fullchain.pem...
+ Done!
Installing Certificate...
cp: cannot stat ‘certs/PureWebBrilliant.com/privkey.pem’: No such file or directory
Are you doing it through the Forge UI? Sometimes, you have to try a few times for it to work properly. I do not think it's a Forge problem but an issue on the other end. Requesting the SSL cert through the Forge UI works great for me on several servers.
Thanks for the reply.
Yes it's through the Forge UI. We'Ve been trying since Friday, and on 3 different domains. All fail at the same step. I've even tried with a newly created domain - same error.
Hmm, that's really odd because I setup a new testing server and used the UI to get a cert. Have you ever used it before? The reason I ask is because all you do is click the button. Everything is done for you except verifying the domains. You don't have to create a cert signing request and such. It is done for you. Also, make sure you deleted the default site and added a new site referencing your domain. It will fail if using the default site.
I've never used this service before @ejdelmonico .
All I've done is click the button. The default site is deleted, and the new site referencing the domain is there and live.
I've tested this out today with a brand new sub-domain (it's basically a CDN for static files) and I'm getting the same error.
hmm, that is odd. This might be an issue that @fideloper might chime in on. Or, submit an issue to Taylor.
Since Chris didn't come across this question as of yet, you might want to post it on his site http://serversforhackers.com
Update:
+ Generating private key...
+ Generating signing request...
+ Requesting challenge for kevinjohngallagher.com...
+ Requesting challenge for www.kevinjohngallagher.com...
+ Responding to challenge for kevinjohngallagher.com...
+ Challenge is valid!
+ Responding to challenge for www.kevinjohngallagher.com...
+ Challenge is valid!
+ Requesting certificate...
+ ERROR: An error occurred while sending post-request to https://acme-v01.api.letsencrypt.org/acme/new-cert (Status 429)
Details:
{
"type": "urn:acme:error:rateLimited",
"detail": "Error creating new cert :: Too many certificates already issued for exact set of domains: kevinjohngallagher.com,www.kevinjohngallagher.com",
"status": 429
}
Where this starts to get interesting is that I have created a new static subdomain, that in Forge is set to "HTML" rather than "PHP/Laravel", and it worked first time: https://static.kevinjohngallagher.com/
I've sent this to Taylor :)
Thanks for all your help @ejdelmonico !!
I just have the same issue and I found the solution.
For the domain PureWebBrilliant.com, if you create forge site like this PureWebBrilliant.com it will be not possible to create certificate because the cert created are in the folder purewebbrilliant.com (without upper case)
So the solution is to replace your forge site by purewebbrilliant.com
Please or to participate in this conversation.