Error to renew certificate

When I do a new request to letsencrypt, return an error:
Error Exception thrown during renewal process: Fail to load resource from 'https://acme-v02.api.letsencrypt.org/acme/new-acct'.
urn:ietf:params:acme:error:rateLimited: Error creating new account :: too many registrations for this IP: see https://letsencrypt.org/docs/rate-limits/

So, what can I do to solved this problem?

1 Like

Hi @mlopesbjj

if you have that error, your setup is wrong.

Create one account, use that to create all certificates. Not every certificate creation with a new account.

2 Likes

Or you've got a terribly buggy client. Getting that rate limit is extremely RARE and would be either because the client has a bug or you're doing some very weird stuff.

1 Like

Hi @JuergenAuer ,

Thanks for answer.
But I just have only one account. For this server I just need to renew the certificate.

1 Like

Curious.

Is this a shared hosting, so other customers have the same ip?

Share your setup:


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

3 Likes

:star2: That is an amazing deduction, @JuergenAuer. I gotta give you props for this one. A :heart: just isn't good enough.

[quote="JuergenAuer, post:5, topic:134928"]
My domain is:
demosense.esqogito.com

I ran this command:
var acme = new AcmeContext(letsEncryptUri);
var account = await acme.NewAccount("SenseProxyCRT@esqogito.com", true);

It produced this output:
image

My web server is (include version):
IIS - 10.0.14393.0

The operating system my web server runs on is (include version):
Windows Server 2016 version 1607

My hosting provider, if applicable, is:
Amazon

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no, I provide the name and version of the control panel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
no

1 Like

Hello Marcio :slightly_smiling_face:

You've hit the Duplicate Certificate limit.

Exceeding the Duplicate Certificate limit of 5 per week is reported with the error message too many certificates already issued for exact set of domains.

Hello @griffin

Thanks for answer.
Now, I need to wait the next week to do a new request?

1 Like

In looking up your history on crt.sh, it looks like you should be able to generate another certificate for demosense.esqogito.com sometime tomorrow. The real rate-limit is 5 duplicate certificates in a rolling 7-day period.

Why are you generating so many identical certificates?
Did you lose all of their private keys?

I'm pretty sure you want to avoid creating a new account. Repeatedly doing so will just cause you to hit a different rate-limit.

You can create a maximum of 10 Accounts per IP Address per 3 hours. Exceeding this limit is reported with the error message too many registrations for this IP.

1 Like

@griffin

I'm working on a software that takes the certificate automatically, I must have made a mistake in the logic of the program and ended up generating this problem, but it has already been corrected and now I must wait for tomorrow or the next week to put it into production. I did the tests in the Let's encrypt test environment and everything is fine now. Thanks for your help.

1 Like

You read my mind. :slightly_smiling_face:
Glad you got it fixed.

1 Like

If you run that command again and again, the error is expected.

One account, multiple certificates.

3 Likes

@JuergenAuer

I'm working on a software that takes the certificate automatically, I must have made a mistake in the logic of the program and ended up generating this problem, but it has already been corrected and now I must wait for tomorrow or the next week to put it into production. I did the tests in the Let's encrypt test environment and everything is fine now. Thanks for your help.

3 Likes

Yes, using the test system is a good idea.

Happy to read you have found the bug. :+1:

3 Likes