Erro emissão certificado

Posso ler respostas em inglês:

Meu nome de domínio é:

Executei esse comando:
pedido de certificado

Produziu essa saída:
Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: see Rate Limits - Let's Encrypt

Meu servidor web é (com versão):
windows server 2012

O sistema operacional no meu servidor web é (com versão):

O serviço de hospedagem do meu site (se aplicável) é:

Posso acessar um shell root na minha máquina (sim ou não, ou não sei):

Uso um painel de controle para administrar meu site (não, ou indique o nome e a versão do painel de controle):

Quanto tempo tenho de esperar para solicitar novo certificado?

Oi @rmfs,

Terá que esperar uma semana, ou adicionar outro nome ao pedido.


Boa tarde,

Já consegui gerar, mas agora estou com outro problema.

Gerei para sem problema. Estou a tentar gerar para e devolve o seguinte erro: "A primary Domain must be included"

Obrigado pela ajuda

1 Like

@webprofusion I'm not familiar with this error ("a primary domain must be included"); would you mind giving advice or a pointer to documentation about this?

@rmfs o @webprofusion é o desenvolvidor da aplicação que você usou, e deve saber o que fazer aqui.

@webprofusion is it possible to help me please

@rmfs, existe um fórum para o CertifyTheWeb:

Acho que alguém lá saberia a solução, só não sei se eles aceitam perguntas em português!


The error means you have tried to create a certificate without adding one or more domains to be included on the certificate. In your screenshot your arrow is pointing to the "Title" for the managed certificate (which could just as easily be "Customer Site 1" and is not the domain name). This is automatically set from the IIS site name but is not necessarily your actual domain, it's just a label.

When you select an IIS website from the dropdown list it would normally populate the list of domain bindings you have already setup for that website in IIS. Here is an example:

Note that you can enter them manually (Add domains to certificate:) but that's usually not required if the website is already setup in IIS, unless you have intentionally not set a hostname in your bindings (why?).

Please do provide further details on the certify community forum if you would like to. I'd need to see your existing IIS bindings for that site. The green text in the list suggests you have already assigned one or more https bindings to that site in IIS.

The normal process is:

  • Setup your site in with http bindings in IIS, set a hostname http binding in IIS for each hostname/domain you need on the same certificate.
  • In Certify The Web, click New Certificate > Select Site, your website domains set (in IIS) in the previous step will be read by the app and displayed under 'Domains and Subdomains to include'. Then you can click Request Certificate to order, validate, download and apply the certificate. Subsequent renewals will be automatic.

[Edit] Here is my sample http binding in IIS (I also have the https binding because Certify The Web has already set it up for me):


Hi webprofusion,
Thank you for your help.

I need the HTTPS binding and pfx certificate for the following names:

both have the same domain


Thanks, so you first need to have an http binding for each site, so that the app knows which domains map to which website, the Site Name is not a real domain, it's just a label.

Select a single site in IIS manager (such as, then choose Bindings... from the menu. You need to have either an http or https binding with the Hostname set to your domain, like this:


Once a hostname matching your domain has been set, Certify The Web can pick up the domain and include it in your certificate - you may need to click the refresh button to see all the domains from your site bindings, like this:

The benefit of working this way is that the app can automatically match your new certificate to your website using the domain (hostname) from the IIS binding.

1 Like

Thanks again for your help.

now I've managed to generate the certificate for both.

the problem is that returns the site in https, but does not.

as you can see in the image I have the certificate generated and applied and valid

1 Like

Did you mean to bind to port 4433? The normal port for https is 443.

On windows, you can bind multiple certificates to the same IP and port combinations as long as:

  • your https bindings are all set to use SNI (Server Name Indication)
  • all https bindings have a hostname/domain set
  • all https bindings have IP address set to All Unassigned

If you have an https binding that either doesn't have a hostname or has a specific IP , you will get certificate binding conflicts (and the wrong cert will be served for sites) because specific bindings take priority over less-specific bindings.

1 Like

Note that binding to would actually work, but you'd need to open that firewall port :slight_smile:

1 Like

Thanks a lot for the help.

I managed to solve it, checking the communication ports.

I didn't remember this situation.

Thank you very much for your help and your patience.