After 1 week still rate-limit

#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: renkaba.selfhost.eu

I ran this command: /usr/local/letsencrypt/letsencrypt-auto certonly -d renkaba.selfhost.eu --apache -m homeguard@gmx.de

It produced this output: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error finalizing order :: too many certificates already issued for: selfhost.eu: see https://letsencrypt.org/docs/rate-limits/

My web server is (include version): apache2

The operating system my web server runs on is (include version): linux

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot-auto --version

I tried to receive the certs several time. due to my ignorance I tried to often. Then I read the docs and installed certs from the staging server, which works (rate-limit higher). After that I tried several times to replace the staging server cert with a production one, but always got rate-limit error. So I gave up and waited one week after the first rate-limit error. This was yesterday and again I got rate-limit error (see above). Why? Does the rate-limit “clock” resets with every try, even I dont get a new cert? If not why does it not work after one week?

Thx

#2

selfhost.eu is not a public suffix. Your best bet is to get off that and onto a domain that appears on the Public Suffix List, or preferably your own domain.

You might be able to get a cert right now, but somebody may have snatched that window up.

Rate Limit Current Status Domain
50 Certificates per Registered Domain per week OK (49 / 50 this week.) selfhost.eu

Summary generated at https://tools.letsdebug.net/cert-search?m=domain&q=renkaba.selfhost.eu&d=168 .

1 Like
#3

I just tried again and got following reply :

What would you like to do?


1: Keep the existing certificate for now
2: Renew & replace the cert (limit ~5 per 7 days)


Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 2
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error finalizing order :: too many certificates already issued for: selfhost.e
u: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

#4

Yeah.

It’s a domain where all its users share a common rate limit.

There’s no solution to that issue, unless the owner of selfhost.eu submits his domain to the PSL.

#5

Ok, means I can get a cert only by chance for selfhost.eu. Can I check how many are issued already or just keep on trying, if I want to stay with this provider?

#6

@_az already pointed to a website listing the most recent certificate issuances. But that site uses Certificate Logs, which can lag a little bit behind. So even if that site says you can get a new certificate, it might be already outdated info.

#7

It actually caught up in the last 5 minutes:

Rate Limit Current Status Domain
50 Certificates per Registered Domain per week Limit exceeded (50/50 this week). Next certificate issuable at 2019-02-26T10:44:30.000Z. selfhost.eu

Summary generated at https://tools.letsdebug.net/cert-search?m=domain&q=renkaba.selfhost.eu&d=168 .

Next window to get a new certificate is in 13 minutes - good luck.

1 Like
#8

Thx for the support!

1 Like
closed #9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.