DynDNS Service - Rate Limit

IPv64 · January 26, 2023, 6:56am

Hello all,

I'll try to keep this short.
I have started a new free DynDNS service in Germany. Everything works great, until now of course the first support requests come in that I have reached my domain limit at Lets Encrypt.
"Error creating new order :: too many certificates already issued for "home64.de". Retry after 2023-01-26T08:00:00Z: see Rate Limits - Let's Encrypt"

I have 14 domains and for at least 5 of them I already run into the limit. The ACME.SH v2 API integration is ready on my side, but I'm still waiting for acme.sh to implement the pull request.

I have filled out the Let's Encrypt Rate Limit document, but I get a message from support that I should contact them here. I don't understand why, but okay.

Can anyone help me how to set Let's Encrypt to a higher rate limit with 14 domains?

Website: https://ipv64.net
DynDNS Domains: "ipv64.net"
"ipv64.de"
"any64.de"
"eth64.de"
"home64.de"
"iot64.com"
"lan64.com"
"nas64.com"
"srv64.com"
"tcp64.com"
"udp64.com"
"vpn64.com"
"wan64.com"
"eth64.com"

Error:
An unexpected error occurred:

Error creating new order :: too many certificates already issued for "home64.de". Retry after 2023-01-26T08:00:00Z: see Rate Limits - Let's Encrypt

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Whether the rate limit document or via email I get told to report here.

Many thanks and greetings
Dennis Schröder

rg305 · January 26, 2023, 7:05am

Hi @IPv64, and welcome to the LE community forum

The rate limit document asks for account number OR domain.
Perhaps you filled in both fields.
If so, that will trigger such a failure.

If you are offering public access to these domains, you should register them with the Public Suffix List. See: Public Suffix List

And be prepared to wait.
Nothing in this space is done overnight.

Osiris · January 26, 2023, 7:12am

This is probably the most important step. Not just for Let's Encrypt rate limits (the PSL will deny the request to be added to their list if you cite LE rate limits as the reason), but for security reasons. If different users are using subdomains under the same domain name, the domain names should be on the PSL.

It also happens that LE uses the PSL for their rate limit calculations, but that's more "a coincidende".

IPv64 · January 26, 2023, 7:55am

Okay, thanks so much for your super quick responses. I wanted to register in this Public Suffix List not quite 2 weeks ago.
The pull request is still open and I am waiting for feedback.

Then I have done everything that can be done at this point. I will have to wait, thank you.

Thank you
Dennis

rg305 · January 26, 2023, 8:04am

Best of luck!
Cheers from Miami

system · February 25, 2023, 8:04am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Failed to create Order Help	5	3004	May 28, 2020
Rate-limit issue Help	4	835	July 5, 2018
Rate limit reached based on the error message, but logs says different Help	28	1616	December 4, 2021
Rate limited for duplicate certs for my load balancers - what to do? Help	18	656	May 1, 2022
Need help for rate limit Help	4	332	March 22, 2024

DynDNS Service - Rate Limit

Related topics