Limit Certificates per Registered Domain - 20 per week

I run many times a command

./letsencrypt-auto certonly --standalone --agree-tos --renew-by-default --preferred-challenges http-01 --http-01-port 9999 -d mydomain.org -d www.mydomain.org

and after certain number of times I got an error message:
There were too many requests of a given type :: Error creating new cert :: Too many certificates already issued for exact set of domains: mydomain.org,www.mydomain.org

On page https://letsencrypt.org/docs/rate-limits/ stated that
"The main limit is Certificates per Registered Domain (20 per week). "

If I got an error message at Wednesday then I can to repeat above command after 1 week at Wednesday or at next Monday?

You can issue the next certificate one week after you issued the first one.

(The limit uses a rolling window – you can issue a certificate if you have issued fewer that the maximum in the last 7 days.)

i.e. if a 1st command was at Monday and last command was at Wednesday (when limit is occur) then I can issue the next certificate at next Monday, isn’t it?

That’s correct.

If you’re unsure, consult https://crt.sh/ or post your domain name here to check :slight_smile:

1 Like

Thank you for help! I will try to use https://crt.sh/ at Monday…

For my curiousity, why did you run the command, with --renew-by-default, so many times?

If you are experimenting or testing stuff, it's wise to add the --staging switch to your certbot command. This will give you "fake" (i.e., give an SSL error in client browsers), but otherwise (in te context of webservers) working certificate. The staging server doesn't have such rate limits (not as low at least), so you can experiment and test whatever you like!

And when you're done testing, you can remove the --staging switch to get the final, working certificate.

1 Like

Thank you for clarification I didn’t knew earlier about --staging switch

1 Like

i also recommend you jump up to the certbot client

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.