Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

// ========= Notes =========

This above unresolved Topic has made me be very careful in trying to add multiple subdomains to the Sandbox domain in case I exceed the CA rate limits… and get another domain locked out for 7 days.

The jb-python.tk domain is a sandbox that I would like to add multiple subdomains before attempting to add subdomains onto the another locked out domains. I blindly followed a post that said just do this and suffering the consequences of losing about a dozen domains.

I would be grateful for the exact procedure to add multiple subdomains to the existing sandbox.

Also if I successfully add ten subdomains how long before I can add another two subdomains.

As mentioned please, please only post tried & trusted solutions and also any limits of which I should be aware.

There is no point in restating those here. They are all described on the Rate Limits page

As for adding names and certs, I recommend waiting until you resolve your prior problem. Your Apache config is in an odd state and trying to "muck about" before it is clean is likely to create a more challenging problem. The "exact procedure" you want will probably become clear as that resolves.

Hi @John_Betong,

None of your prior issuance activity looks like it would have come anywhere close to a Let's Encrypt rate limit:

You can see all of the details of the Let's Encrypt rate limits at

The main limit is Certificates per Registered Domain (50 per week). A registered domain is, generally speaking, the part of the domain you purchased from your domain name registrar. For instance, in the name www.example.com , the registered domain is example.com . In new.blog.example.co.uk , the registered domain is example.co.uk . We use the Public Suffix List to calculate the registered domain. Exceeding the Certificates Per Registered Domain limit is reported with the error message too many certificates already issued , possibly with additional details.

When you re-issue with different subdomains, you will usually be able to do this up to 49 times per week, for a total of 50 certificates per week mentioning a given registered name. If this isn't an automated process and you don't have more than 49 changes per week in your certificate coverage, you should be fine.

If there's a particular issuance strategy that you'd like to ask for clarification about, feel free to ask with more specificity.

You may want to look closely at the rate limit documentation, because one possibility is that there is (or was) an issuance strategy that you could have used to avoid the rate limits—maybe even at the point when you first started getting rate limit errors. For example, if you reissue a certificate 50 times with various changes but all 50 mention the same registered name, you will be rate limited, but if you wanted to add other names that are not subdomains of that name, you would still be allowed to do that in separate certificates.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.