and i use command ‘certbot certonly --manual -d ‘*.aimeici.com’ --force-renewal’ get the error like this : “An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: *.aimeici.com: see https://letsencrypt.org/docs/rate-limits/”…
First of all, you need to solemnly swear to this forum to never ever use --force-renewal again. Then we'll see if we want to help you get around the rate limits.
yeah…
because when i use the command as i mentioned above, it always show me success updated message, but the expired time never change in the message…so i thought it’s not updated successful…
then i deleted the new created key files , and tried many times with the command…
sorry for the --force-renewal param …but i have a little confused why can not use it…i googled it out and it works well every time before…
Because it always renews, whether you need it or not. In this case, you did not, and the expiration date didn't change (because it's longer than 30 days in the future).
Keep your certs for 60 days and let certbot renew them automatically.
ok i get that...next time i will not use the param
but it's not... because my certs last expiration date was today... so i tried to update it two days ago and the message did not show the correct expiration date cause i thought it's not success updated, and i delete the all key files
now I get what the problem is. you used certonly, which does not install your certificate, and you still saw the old certificate when connecting to your website. you need to install the certificate after obtaining it, using a --deploy-hook or manually. go find certbot’s manpage and read it carefully.
ok…
but is there any way to solve the current problem that i’ve deleted my private key file.
i can not open my web through https…that makes me fluster now
@yq122
I’m feeling generous today. After dealing with a monster issue for hours with little headway, I’m going to give you some clues. Follow @9peppe’s advice and don’t make regret my actions. @9peppe might grill me
You can see any certificates you’ve successfully generated at https://crt.sh/?q=aimeici.com. Considering that Let’s Encrypt always generates pairs of associated certs, from your 10 entries dated August 14 you can see that you have 5 successful renewals. So, anytime you successfully generate a cert, it can be seen (and downloaded) there. Just don’t lose your private key.
You can get another certificate (don’t murder me @9peppe) by adding your main domain name aimeici.com to your new request. So: