Any way to get past rate limit?


#1

So I did something foolish. I did not RTFM, and was unaware of the rate limit. I spun up a few different instances on AWS, trying various mail server configurations. Well, all the instances are now shut down and it appears I am not able to generate a cert. How long do I have to wait?

91354050 2017-02-13 2017-02-13 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
90770085 2017-02-12 2017-02-12 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
90722161 2017-02-12 2017-02-12 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
89890369 2017-02-11 2017-02-11 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
89866736 2017-02-11 2017-02-11 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
87341187 2017-02-08 2017-02-08 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3


#2

The rate limit you have hit is 7 days, so you should be able to obtain 1 cert on Wed, then 2 more next Sat.

It looks as if you have hit the limit for “identical” certificates, so if you were to add an additional domain name to your certificate ( say another subdomain), you could potentially get a certificate that would cover the domains you require (and include the additional subdomain).


#3

I’m hosting an application on one server & the mail/webmail interface on another server. I do have access to the key on the application server. Should I copy that to the mail server?


#4

I’m not sure I understand what you mean.

The error is because of too many identical certificates for mail.viti.io

If you created a new subdomain in your DNS for mail2.viti.io which pointed to your mail.viti.io server, then you could obtain a single certificate for both mail.viti.io and mail2.viti.io Although you don’t need / use mail2.viti.io it would provide a way around the rate limit that you hit.


#5

I had meant: would the certificate I have on the web server work for a subdomain if I copied it over to the mail server?

I realized I took a snapshot on one of the instances. I’m going to make it an AMI and see if I took the snapshot after generating a certificate.


#6

No, the domain cert won’t work for the subdomain. Hopefully you have got the certs in your backup ( or at least the private key). That way you can use the real certs, and it probably easiest.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.