Increase Rate Limit

My domain is: iowafittingsunlimited.com

I ran this command: Not sure of the exact command that cPanel uses when issuing LE certs.

It produced this output:
1:46:27 PM WARN AutoSSL failed to create a new certificate order because the server’s Let’s Encrypt account (https://acme-v02.api.letsencrypt.org/acme/acct/85449111) has reached a rate limit. (429 urn:ietf:params:acme:error:rateLimited (The request exceeds a rate limit) (Error creating new order :: too many certificates already issued for exact set of domains: cpanel.iowafittingsunlimited.com,cpcalendars.iowafittingsunlimited.com,cpcontacts.iowafittingsunlimited.com,iowafittingsunlimited.com,mail.iowafittingsunlimited.com,webdisk.iowafittingsunlimited.com,webmail.iowafittingsunlimited.com,www.iowafittingsunlimited.com: see https://letsencrypt.org/docs/rate-limits/)) You may contact Let’s Encrypt to request a change to this rate limit.

My web server is (include version): cPanel / WHM 90.0.5

The operating system my web server runs on is (include version): CentOS 7.8

My hosting provider, if applicable, is: We are our own hosting provider, with DigitalOcean infrastructure.

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
cPanel / WHM v 90.0.5

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): Unknown

1 Like

Hi @stevenh1901

you have created certificates. Why do you want to create the next?

2 Likes

Hello!

I’m not exactly sure what’s happened, but the SSL cert isn’t on our system. I believe that we need to temporarily bypass the rate limit so that we can get the cert generated and installed.

You have to read the link shared in the error message.

2 Likes

Gotcha, sorry I didn’t get to the bottom where it says you can’t override the limit. Is there a way to retrieve a lost cert?

That doesn’t help because only your system knows the private key.

Check your system. Where are these 5 certificates you have created?

2 Likes

I’m not sure honestly. I think cPanel might have glitched or something. We use AutoSSL on our cPanel / WHM servers and let that manage all SSL certs and vhosts.

1 Like

I think this is not great phrasing from AutoSSL.

Let’s Encrypt will make rate limit adjustments when an organization has a large enough number of students, customers, employees, etc., who need separate certificates that would otherwise exceed Let’s Encrypt’s rate limits. But Let’s Encrypt doesn’t make adjustments based on an error or misconfiguration by an individual client or user that resulted in certificates or keys not being saved. AutoSSL might be creating a misleading expectation here.

You might want to talk to cPanel support to see if they can help you figure out how the glitch happened, in case it’s a bug that affects other people.

In terms of the rate limit, your main options are

  • wait 7 days for this limit to time out
  • add or remove a subdomain (since the rate limit in question is calculated based on the “exact set of names”, and will not apply if there are more or fewer names covered than there were in the original certificates)
  • use a different ACME CA like BuyPass or ZeroSSL instead of Let’s Encrypt
  • find the certificates or keys somewhere on your system, if they might still exist somewhere
4 Likes

Thank you for the helpful response! That is good to know about requesting a rate limit change.

I’ll talk with cPanel support and see if I can figure out what happened.