Does the rate limit imposed on requesting certificates is a limit imposed from the Let’s Encrypt server or is a limit from the certbot client? Because I was trying to create certificates for a domain and I didn’t use the --staging option so I hit the rate limit. Do I have to wait seven days from the first request?
It’s a rolling window calculated at the Let’s Encrypt API, so one week after the first request (as long as you’re not above 20/20, which is possible). You can get an exact-(ish) time when any domain-based rate limits expire using https://tools.letsdebug.net/cert-search , assuming the CT logs are caught-up enough to be accurate (a couple of hours typically).
Nice tool, thank you! And if I retry without success to renew the certificate, will it reset the counter for 7 days again or it just stays at the first issuance fail?
Encountering a rate limit error won’t increase your rate limit.
If you fail to issue a certificate because of a failed validation, then you would be subject to the 5 Failed Validations per Hour rate limit.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.