Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: (www).teanow5pm.co.uk
I ran this command: F:\letsencrypt\wacs.exe --renew --baseuri "https://acme-v02.api.letsencrypt.org/"
It produced this output: Failed to create order: Error creating new order :: too many certificates already issued for exact set of domains: www.teanow5pm.co.uk: see https://letsencrypt.org/docs/rate-limits/
My web server is (include version): WAMP -- Apache 2.4.38b
The operating system my web server runs on is (include version): Windows 10
My hosting provider, if applicable, is: me -- local domain that emulates live server (development), although the domain is real
I can login to a root shell on my machine (yes or no, or I don't know): command prompt only on Windows
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you're using Certbot): n/a
The other day I dusted off a Windows 10 PC I rarely use. I keep it as a spare machine, in case my primary PC explodes. Both machines are used for development of my website. Both have WAMP servers and point to my test version of teanow5pm.co.uk that is not be confused with the live server version that also exists.
On the spare machine the letsencrypt certificate for teanow5pm.co.uk had expired in July, so I went to my main machine and copied the valid certificate (until Jan 31, 2021) over to the other computer. I remember this worked before in the past, probably before March 2020. I copied the certificate, but it failed. Copying to another machine invalidated the certificate, while force renewing the certificate on the machine produced an error:
[EROR] Account found but no valid Signer could be loaded
A similar error was reported, described and resolved on github here:
Unfortunately, importing/exporting, as suggested in the github topic, continued to produce the same error, on the second PC, that is.
So I installed the latest version of win-acme, v22.214.171.1248 (x64, ReleasePluggable), deleted the existing certificate, and issued a certificate from scratch. It worked, but I used up my Certificates per Registered Domain limit in the process of trying to fix the error. You are allowed 5 duplicate certificates per week.
On my main machine I likewise installed the latest version of win-acme. The previous version I used was win-acme v126.96.36.1990. That version had a bug that prevented Task Scheduler in Windows 10 from automatically renewing certificates:
F:\letsencrypt\wacs.exe --renew --baseuri "https://acme-v02.api.letsencrypt.org/".
I found it necessary to manually renew the certificate instead every few months.
The Task Scheduler bug is apparently fixed in the v188.8.131.528 release.
The renewal task ran as scheduled (daily at 9.00) the next day, and promptly it ran against my exceeded rate limit:
[ERR] Failed to create order: Error creating new order :: too many certificates already issued for exact set of domains: www.teanow5pm.co.uk: see https://letsencrypt.org/docs/rate-limits/
My question here is whether there shouldn't be separate Certificates per Registered Domain limits on a per machine basis. In my opinion, it would make sense, because the two certificates issued are different.
Note that I have had to disable the Task Scheduler task for a week to prevent the error. I hope the renewal task will work again next week without generating an error because the rate limit has been temporarily exceeded this week. At the moment (this week) renewing is impossible. Fortunately, the existing certificate won't lapse until January 31.
Thanks for your reply.