The domain I’m trying to issue certificate for is a subdomain for public DNS service linkpc.net, specifically lonchik.linkpc.net. I’m using Crypt-LE tool (https://github.com/do-know/Crypt-LE/releases) to perform the task. Running without --live option (i.e. running against test server) produced success (see below). However, when I added --live option to generate a real certificate, it rejected saying too many certificates issued to linkpc.net (again, see output below). It makes sense that linkpc.net SLD will appear a lot because it uses 3rd domain levels for its users as its service, i.e. mine being lonchik.linkpc.net.
Can LE’s limit be raised for linkpc.net to allow each subdomain to be counted as a separate, individual, unrelated to another *.linkpc.net subdomain for certificate count limit? If not, is there some other work around?
My domain is: lonchik.linkpc.net
I ran this command: le64 --key account.key --email “####@####” --csr domain.csr --csr-key domain.key --crt domain.crt --generate-missing --domains “lonchik.linkpc.net” --unlink --path C:/inetpub/wwwroot/.well-known/acme-challenge -export-pfx #### --live
It produced this output (NOTE: two outputs, first is a test run showing success, second is same thing with --live option as shown above. valid email and pfx password supplied and X’ed out for posting purposes):
C:\Utils\LetsEncrypt>le64 --key account.key --email “XXXX@XXXX”
–csr domain.csr --csr-key domain.key --crt domain.crt --generate-missing --dom
ains “lonchik.linkpc.net” --unlink --path C:/inetpub/wwwroot/.well-known/acme-ch
allenge -export-pfx ####
2017/12/29 16:13:44 [ ZeroSSL Crypt::LE client v0.29 started. ]
2017/12/29 16:13:44 Loading an account key from account.key
2017/12/29 16:13:44 Loading a CSR from domain.csr
2017/12/29 16:13:46 Registering the account key
2017/12/29 16:13:46 The key is already registered. ID: 5306343
2017/12/29 16:13:46 Current contact details: XXXX@XXXXX
2017/12/29 16:13:46 Successfully saved a challenge file ‘C:/inetpub/wwwroot/.well-known/acme-challenge/dmzbaQ3EZzGGxlmppDTFwteGRjP1XyZpm_zz26J0pQc’ for domain 'lonchik.linkpc.net’
2017/12/29 16:13:51 Domain verification results for ‘lonchik.linkpc.net’: succes
s.
2017/12/29 16:13:51 Challenge file ‘C:/inetpub/wwwroot/.well-known/acme-challenge/dmzbaQ3EZzGGxlmppDTFwteGRjP1XyZpm_zz26J0pQc’ has been deleted.
2017/12/29 16:13:51 Requesting domain certificate.
2017/12/29 16:13:51 Requesting issuer’s certificate.
2017/12/29 16:13:51 Saving the full certificate chain to domain.crt.
2017/12/29 16:13:51 Exporting certificate to domain.pfx.
2017/12/29 16:13:51 ===> NOTE: You have been using the test server for this certificate. To issue a valid trusted certificate add --live option.
2017/12/29 16:13:51 The job is done, enjoy your certificate! For feedback and bug reports contact us at [ https://ZeroSSL.com | https://Do-Know.com ]
C:\Utils\LetsEncrypt>le64 --key account.key --email “XXXX@XXXX”
–csr domain.csr --csr-key domain.key --crt domain.crt --generate-missing --dom
ains “lonchik.linkpc.net” --unlink --path C:/inetpub/wwwroot/.well-known/acme-ch
allenge -export-pfx #### --live
2017/12/29 16:16:00 [ ZeroSSL Crypt::LE client v0.29 started. ]
2017/12/29 16:16:00 Loading an account key from account.key
2017/12/29 16:16:00 Loading a CSR from domain.csr
2017/12/29 16:16:02 Registering the account key
2017/12/29 16:16:03 The key has been successfully registered. ID: 26677225
2017/12/29 16:16:03 Make sure to check TOS at https://letsencrypt.org/documents/
LE-SA-v1.2-November-15-2017.pdf
2017/12/29 16:16:03 Current contact details: ####@####
2017/12/29 16:16:03 Error requesting certificate: Error creating new cert :: too
many certificates already issued for: linkpc.net
My web server is (include version): IIS on Windows 8
The operating system my web server runs on is (include version): Windows 8
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no