Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
I ran this command:
It produced this output:
too many certificates issued for this domain
My web server is (include version):
The operating system my web server runs on is (include version):
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): 1.12.0
Please use one of the previously issued six (!!!) valid certificates. Thank you.
Then there is no option but to wait before you can issue that certificate again.
Please use the staging environment for testing in the future and please don't abuse this free service in the future by issuing many production certificates unnecessarily.
If you haven't done so, it's probably a good idea to read the Let's Encrypt documentation now:
Hey there's no need to talk like that. I have been compromised. Someone else forced this issue and I'm trying to recover from it. Please be polite and understanding.
FWIW I thought Osiris comment was polite and informative.
Could you explain how you were "compromised". That would help us advise you better. I see you issued 5 certs just 3 days ago. But you describe them as "gone". How did that happen?
If your system and private SSL keys were stolen that requires further action than just issuing new certs. Please provide more background of your situation.
I need a fresh start with new certs for my domains. That is all I am willing to discuss. I don’t want to discuss anything further than the process of recovery.
The rate limits can't be "reset" somehow. The only way to re-issue the same certificate is to wait.
You can find out more about the time you'll need to wait on the rate limits documentation page:
And in combination with the link shared by @MikeMcQ above, you can figure out when the sliding window allows a new certificate issuance.
Agree. But they could get a cert from a different CA (ZeroSSL?) either temp or permanent.
@danieljamesbertrand If your private keys were compromised any certs based on them should be revoked.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.