Hitting the rate limits wihout any certs this week


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: vpnsr.us

I ran this command:certbot certonly --dns-cloudflare --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini -d singapore-3.vpnsr.us

It produced this output:

Obtaining a new certificate
Performing the following challenges:
dns-01 challenge for singapore-3.vpnsr.us
Unsafe permissions on credentials configuration file: /etc/letsencrypt/cloudflare.ini
Waiting 10 seconds for DNS changes to propagate
Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
There were too many requests of a given type :: Error finalizing order :: too many certificates already issued for: vpnsr.us: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is (include version): ipsec

The operating system my web server runs on is (include version): ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Hi,

I am trying to issue new certificate with the above command, no certs issued this week, still I get rate limit error. After going trough the document several times, I guess that it might be renewals, but I am not sure how that would be possible, since nothing is renewed this week.

Any hints are welcome,
Thanks!


#2

Hi @boianmihailov

there are a lot of certificates created 2019-01-09.

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:true;domain:vpnsr.us;issuer_uid:4428624498008853827&lu=cert_search

I didn’t count them. But if you have created 50 certificates, you can create the next 2019-01-16, seven days later.


#3

64, apparently.

Rate Limit Current Status Domain
50 Certificates per Registered Domain per week Limit exceeded (64/50 this week). Next certificate issuable at 2019-01-16T14:28:26.000Z. vpnsr.us

Summary generated at https://tools.letsdebug.net/cert-search?m=domain&q=vpnsr.us&d=168 .

If certificates continue to be renewed at a high rate, the date when you can create new certificates will be pushed back.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.