We’ve gotten some reports from people who have gotten an odd style of 429 error message from Let’s Encrypt recently, related to the “Overall Requests” limits described at https://letsencrypt.org/docs/rate-limits/. Those limits are implemented using Nginx’s
limit_req. There were two specific problems:
- We were serving HTML, when ACME clients (rightly) expect JSON.
- We were serving 429s to clients that stayed below the documented limits.
To fix (2), we recently made two changes. We removed the “nodelay” parameter from limit_req, so Nginx will queue a small number of requests rather than rejecting them immediately. And we increased the “burst” parameter from 5 to 40. After making these changes, the number of Nginx-style 429s we serve dropped dramatically.
We are also working on a config change to fix (1) and return JSON for these errors. Thanks to everyone who reported!