I have reached the limits for testing... what now?


#1

My domain is:
Private because of private customer data
I ran this command:
sudo certbot --apache
It produced this output:
An unexpected error occurred: There were too many requests of a given type :: Error finalizing order :: too many certificates already issued for exact set of domains: privatedomainname: see https://letsencrypt.org/docs/rate-limits/
My web server is (include version):
Apache/2.4.29 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 18.04

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

Hello there,
Yesterday, I was using Let’s Encrypt on my Ubuntu 18.04 LTS (apache) server with certbot.
I was testing the SSL certificates how it works, because I never did it before. And unfortunately, I have reached the limit.

I have 2 different domainnames. One is live and one is for testing.

I am testing my API for a customer. It requires an SSL so the front-end can get responses from the API. I got a lot of problems so I switched the domainnames a lot. So I thought I had to delete and create a new SSL on every switch. And unfortunately, I didn’t read it has ratelimits.

Is it possible for having more than 5 rate-limits? Or is there a different solution? I can’t wait 7days and I have to keep testing.


#2

Hi,

If you are using that domain for testing, you could use certbot’s staging server which have a lot higher rate limits (although not trusted)

For now (on production server), you’ll need to wait (at most) 7 days until the rate limit refreshes.

Thank you


#3

Temporarily add a new subdomain to your certificate.


#4

But not for testing!!!

As @stevenzhu pointed out, testing should be done on the staging server! See also: https://letsencrypt.org/docs/staging-environment/


#5

Thanks for the replies.

I guess then I have to wait 7 days. The front-end will only accept valid certificates. So the staging environment will be no use.

Thanks for the help!


#6

If you can reorganize your certificates so that they don’t include that exact combination of names, you can get a production certificate immediately (for example, combining certificates that are current separate, or separating certificates that are current combined). But that might not be your preferred solution.