Disaster... Too many certificates tried on one domain

#1

Can I roll over back with SSL? I totally regreted…
I tried too mand time to add certifications until the limit warning came out.

My domain is: sanmau.net

I ran this command: sudo certbot --apache-d sanmau.net -d www.sanmau.net
(I tried this too many times over and over again, and even rebuilt the Ubuntu for serval times, forgive I’m totally newbe and I hate myself now what if I had never tried to install SSL -_-!!!)

It produced this output: many errors in red type. too many certificates on the domain of www.sanmau.net and told me to view the log file… I’m totally a disaster maker…

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu 18.04 LTS Server - 64 Bit

My hosting provider, if applicable, is: Cloudcone

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no, i use ssh via putty

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.28.0

#2

Hi @callenbit

this

https://crt.sh/?q=sanmau.net

isn’t a disaster. There is only one certificate created (one pre- and one leaf certificate is listed).

So you have hitted the 5 failed / per account / per hour, wait one hour.

You can create 5 identical certificates in one week, so you can create 4.

Or use that certificate.

#3

I think OP could mean the www certificate:

Rate Limit Current Status Domain
50 Certificates per Registered Domain per week OK (6 / 50 this week.) sanmau.net
5 Duplicate Certificates per week Limit exceeded. Next issuable at 09 Mar 2019 07:56:20 UTC www.sanmau.net

Summary generated at https://tools.letsdebug.net/cert-search?m=domain&q=sanmau.net&d=168 .

Maybe try add a space between the “apache-d” in the command you posted?

1 Like
#4

Thank you a lot! I feel a bit better now. I shoud read more instruction and manual book before I tried a command any more. Thank you, sir. I might post more details after I tried to make it right, whether success or not.

#5

Maybe the “space” between apache & -d is the key problem in deed, thanks for you tested my www-domain and your tips. I will try again at 9 Mar follow your instruction. Thanks for your kindness!

#6

If the space was the problem, there would be no need to wait (since a certificate with both versions of the domain correctly added would not be considered a duplicate).

At most you would need to wait 1 hour, as already mentioned.

#7

You should test your configuration at:
https://www.ssllabs.com/ssltest/analyze.html?d=sanmau.net
https://www.ssllabs.com/ssltest/analyze.html?d=www.sanmau.net

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at: …

It seems OK now. I will go on with wordpress installing. THANKS A LOT!

#8

Yep, looks like

https://crt.sh/?q=www.sanmau.net

you have created 4 certificates only with www. But the combination of both domain names -> is new, so you have created one certificate with both domain names:

https://crt.sh/?id=1256453780

And you have installed a new Letsencrypt certificate:

CN=sanmau.net
	05.03.2019
	03.06.2019
expires in 90 days	sanmau.net, www.sanmau.net - 2 entries

So both connections are secure.

#9

In case it hasn’t been mentioned, or if you are not aware, there is an entire staging environment that is designed and operates specifically for “testing”.

#10

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.