Why is Let's Encrypt taking longer than 24 hours to generate certs for my domain?

I’ve had this message for over a day now…

GitLab is obtaining a Let’s Encrypt SSL certificate for this domain. This process can take some time. Please try again later.

5 Likes

Did you get any answer from Gitlab ?

Same issue, it’s been a few days already. Not sure where I can ask for help…

2 Likes

Same issue and it’s been over one week now. Not sure either where to ask or get help from the support for gitlab.com.

1 Like

I have followed this link to generate myself the certificate and then put it in gitlab pages.
It has worked for me.

https://docs.gitlab.com/ee/user/project/pages/lets_encrypt_for_gitlab_pages.html

I contacted gitlab support and they suggested removing the domain and re-adding it (which had worked for other people), and that worked for me.

1 Like

One thing to check is that the DNS entries are already pointing to Gitlab. If you’re moving a website but are waiting to have the cert before moving the DNS entries to Gitlab servers, you won’t get the let’s encrypt certificates. At least, that’s what I discovered with my trials.
So you need to have the gitlab verification codes + the @ (and possibly www) pointing to gitlab server.

Same issue here.
And I found the whole documentation for setting up a gitlab page is not clear enough and requires quite a bit effort of googling.

Had the same issue. Creating the domain without SSL, verifying it first and then enabling Lets Encrypt fixed it for me.

For those who still had issues with adding domains to Gitlab pages, I removed the domain and added it again. Then it worked. I waited for a couple of days thinking it will eventually resolve. It never did. I thought I configured my Google Domains DNS wrong. But after a few changes, nothing helped. So, removing in Gitlab Pages settings then readding the domain is what worked for me.

Removing and re-adding the domain worked for me about a month ago. Setting up a different one with a different domain and no luck. Tried removing the domain, toggling other options, then adding it back. Also tried providing my own (invalid) cert, then removing it to turn on the automatic Let’s Encrypt, just to see if it would retry. No luck.

If I create it without SSL (have to turn off force https), then I can’t turn force https back on.

This is a .dev domain, which requires SSL. Possible compatibility issue somewhere along the chain?

how long will take, to reflect generated keys?
because i have generate the keys and updated them on gitlab, but still by website is showing issue, as certificate is issue to gitlab.io

Hi,

the problem is with rate limiting on the let’s encrypt side. If the pages request too many certificates for gitlab.io, a certain delay in the queue takes place. I had seen a related MR in the 12.7.2 release notes for this. There’s also raised awareness for these problems, please following along in this issue.

Cheers,
Michael

Gave it another day and nothing – ended up ‘deleting pages’, running another deploy, then added the domain again. Checked it 5 minutes later and it had the cert and all is good.