Certbot Renewal Limited

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: certbot renew

It produced this output:
Attempting to renew cert (REMOVED) from /etc/letsencrypt/renewal/REMOVED.conf produced an unexpected error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/. Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/REMOVED/fullchain.pem (failure)

My web server is (include version): NGINX

The operating system my web server runs on is (include version): CENTOS7

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

The dry run is now succeeding fine, but in the debugging it limited me. When does this actually lift? I need to get it live now as it is erroring our servers for clients.

Thanks!

  • Nick
1 Like

@nickev
The answer you seek is within the linked page in your post.

There is a Failed Validation limit of 5 failures per account, per hostname, per hour. This limit is higher on our staging environment, so you can use that environment to debug connectivity problems. Exceeding the Failed Validations limit is reported with the error message too many failed authorizations recently .

Rip

1 Like

Got it. So for clarity does this mean I need to just wait an hour? Or also change the host name and wait the hour?

Can I still use Certbot on this servers IP even?
@Rip

1 Like

Just wait for an hour. If you change the hostname that constitutes a new request.
Rip

1 Like

Let’sEncrypt does not provide certificates for IP addresses at this time. Sorry I missed that question.

Rip

1 Like