Error to renew certificate

mlopesbjj · September 30, 2020, 3:34pm

When I do a new request to letsencrypt, return an error:
Error Exception thrown during renewal process: Fail to load resource from 'https://acme-v02.api.letsencrypt.org/acme/new-acct'.
urn:ietf:params:acme:error:rateLimited: Error creating new account :: too many registrations for this IP: see https://letsencrypt.org/docs/rate-limits/

So, what can I do to solved this problem?

JuergenAuer · September 30, 2020, 3:43pm

Hi @mlopesbjj

if you have that error, your setup is wrong.

Create one account, use that to create all certificates. Not every certificate creation with a new account.

Osiris · September 30, 2020, 3:58pm

Or you've got a terribly buggy client. Getting that rate limit is extremely RARE and would be either because the client has a bug or you're doing some very weird stuff.

mlopesbjj · September 30, 2020, 4:17pm

Hi @JuergenAuer ,

Thanks for answer.
But I just have only one account. For this server I just need to renew the certificate.

JuergenAuer · September 30, 2020, 4:20pm

Curious.

Is this a shared hosting, so other customers have the same ip?

Share your setup:

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

griffin · September 30, 2020, 10:17pm

That is an amazing deduction, @JuergenAuer. I gotta give you props for this one. A just isn't good enough.

mlopesbjj · October 1, 2020, 7:52am

[quote="JuergenAuer, post:5, topic:134928"]
My domain is:
demosense.esqogito.com

I ran this command:
var acme = new AcmeContext(letsEncryptUri);
var account = await acme.NewAccount("SenseProxyCRT@esqogito.com", true);

It produced this output:

My web server is (include version):
IIS - 10.0.14393.0

The operating system my web server runs on is (include version):
Windows Server 2016 version 1607

My hosting provider, if applicable, is:
Amazon

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no, I provide the name and version of the control panel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
no

griffin · October 1, 2020, 7:56am

Hello Marcio

You've hit the Duplicate Certificate limit.

Exceeding the Duplicate Certificate limit of 5 per week is reported with the error message too many certificates already issued for exact set of domains.

mlopesbjj · October 1, 2020, 8:03am

Hello @griffin

Thanks for answer.
Now, I need to wait the next week to do a new request?

griffin · October 1, 2020, 8:19am

In looking up your history on crt.sh, it looks like you should be able to generate another certificate for demosense.esqogito.com sometime tomorrow. The real rate-limit is 5 duplicate certificates in a rolling 7-day period.

Why are you generating so many identical certificates?
Did you lose all of their private keys?

I'm pretty sure you want to avoid creating a new account. Repeatedly doing so will just cause you to hit a different rate-limit.

You can create a maximum of 10 Accounts per IP Address per 3 hours. Exceeding this limit is reported with the error message too many registrations for this IP.

mlopesbjj · October 1, 2020, 8:36am

@griffin

I'm working on a software that takes the certificate automatically, I must have made a mistake in the logic of the program and ended up generating this problem, but it has already been corrected and now I must wait for tomorrow or the next week to put it into production. I did the tests in the Let's encrypt test environment and everything is fine now. Thanks for your help.

griffin · October 1, 2020, 8:39am

You read my mind.
Glad you got it fixed.

JuergenAuer · October 1, 2020, 8:39am

If you run that command again and again, the error is expected.

One account, multiple certificates.

mlopesbjj · October 1, 2020, 8:43am

@JuergenAuer

I'm working on a software that takes the certificate automatically, I must have made a mistake in the logic of the program and ended up generating this problem, but it has already been corrected and now I must wait for tomorrow or the next week to put it into production. I did the tests in the Let's encrypt test environment and everything is fine now. Thanks for your help.

JuergenAuer · October 1, 2020, 8:52am

Yes, using the test system is a good idea.

Happy to read you have found the bug.

system · October 31, 2020, 8:52am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.