Error finalizing order :: too many certificates already issued for exact set of domains

AlexeyS · June 16, 2018, 5:29am

Good afternoon!
You can help get a certificate. Unsuccessful attempts were made.
How can I delete already received from the database or get a new one?
Or can I get it already ready?

My domain is: sinekt.ru

Certificate signature failed. If you supplied your own CSR make sure the domains on it match what you put on SSLForFree. If there is a rate limiting error at the end of this paragraph certificates per Domain is currently 5 per 7 days. Try asking Lets Encrypt to increase the limit or wait 7 days. Rate limits should increase in the near future. { “type”: “urn:ietf:params:acme:error:rateLimited”, “detail”: “Error finalizing order :: too many certificates already issued for exact set of domains: sinekt.ru,www.sinekt.ru: see https://letsencrypt.org/docs/rate-limits/”, “status”: 429 }

sahsanu · June 16, 2018, 8:06am

Hi @AlexeyS,

You have issued 5 certificates for the same domains sinekt.ru and www.sinekt.ru in last 7 days:

CRT ID     CERT TYPE  DOMAIN (CN)      VALID FROM             VALID TO               EXPIRES IN  SANs
529224880  Pre cert   sinekt.ru        2018-Jun-15 11:00 UTC  2018-Sep-13 11:00 UTC  89 days     sinekt.ru
                                                                                                 www.sinekt.ru
529204215  Pre cert   sinekt.ru        2018-Jun-15 10:36 UTC  2018-Sep-13 10:36 UTC  89 days     sinekt.ru
                                                                                                 www.sinekt.ru
529163812  Pre cert   sinekt.ru        2018-Jun-15 10:24 UTC  2018-Sep-13 10:24 UTC  89 days     sinekt.ru
                                                                                                 www.sinekt.ru
528808492  Pre cert   sinekt.ru        2018-Jun-15 08:31 UTC  2018-Sep-13 08:31 UTC  89 days     sinekt.ru
                                                                                                 www.sinekt.ru
528465034  Pre cert   sinekt.ru        2018-Jun-15 11:05 UTC  2018-Sep-13 11:05 UTC  89 days     sinekt.ru
                                                                                                 www.sinekt.ru

So you have reached this limit (more info about rate limits here Rate Limits - Let's Encrypt ):

We also have a Duplicate Certificate limit of 5 certificates per week. A certificate is considered a duplicate of an earlier certificate if they contain the exact same set of hostnames, ignoring capitalization and ordering of hostnames. For instance, if you requested a certificate for the names [www.example.com, example.com], you could request four more certificates for [www.example.com, example.com] during the week. If you changed the set of names by adding [blog.example.com], you would be able to request additional certificates.

There is no way to override this limit so if you want to issue a new certificate for the same exact set of domains sinekt.ru and www.sinekt.ru you will need to wait till next Friday 2018-Jun-22 09:32:00 UTC. Or you could include a new domain or subdomain to the request, something like sinekt.ru, www.sinekt.ru and blog.sinekt.ru so the 5 duplicated certs per 7 days rate limit won't apply to the request, but keep in mind there is another rate limit, 20 certificates per 7 days and you have already issued 9 certs for your domain in last 7 days.

The other option is to use one of the 5 certificates you have already issued... why are you trying to issue the same certificate once and again?

Cheers,
sahsanu

AlexeyS · June 16, 2018, 1:07pm

Thanks, I received it!
Several times the domain was transferred, there were also problems with displaying images when SSL was enabled.

system · July 16, 2018, 1:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.