"Maximal certificate requests reached for this domain name."

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.doldari.com

I ran this command: Add certificate

It produced this output: "Maximal certificate requests reached for this domain name."

My web server is (include version): nginx

The operating system my web server runs on is (include version): synology DSM 7.2.1-69057

My hosting provider, if applicable, is: N/A

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): control panel of synology DSM 7.2.1

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

At 9 PM yesterday, the certificate for [www.doldari.com] expired. I attempted to renew the Let's Encrypt certificate on Synology, but I kept encountering the error message:
"Please check if your IP address, reverse proxy rules, and firewall settings are correctly configured and try again."

I tried adjusting the port forwarding and firewall settings on Synology, but the renewal continued to fail. I even attempted to issue the certificate using custom Node.js code.

Due to repeated failures, I am now receiving the error:
"Maximal certificate requests reached for this domain name."

Please help.

You have issued 5 certificates in two days (mostly today). crt.sh | doldari.com

Where are those?

There was a failure to renew the certificate on my Synology NAS, so I attempted to obtain a certificate directly from Let's Encrypt by writing a Node.js program, and that's how it happened. On Synology, certificates issued by Let's Encrypt are normally marked with an (RSA/ECC) indicator, but when I obtained certificates through my Node.js program and imported them into Synology, this (RSA/ECC) mark was not displayed. I made multiple attempts to obtain certificates. I would like to know what the correct approach is. Is it okay if the (RSA/ECC) mark is not displayed?

2025년 5월 13일 (화) 오후 7:56, Giuseppe C. via Let's Encrypt Community Support <notifications@letsencrypt.discoursemail.com>님이 작성:

Testing and debugging are best done using the Staging Environment as the Rate Limits are much higher.

And to assist with debugging there is a great place to start is Let's Debug.

I have tried on the Let's debug webpage and found the following results saying that there is no issue found with my domain.

Test result for www.doldari.com using http-01

All OK!

OK

No issues were found with www.doldari.com. If you are having problems with creating an SSL certificate, please visit the Let's Encrypt Community forums and post a question there

I don't know. That's a Synology-specific piece of knowledge. The certificates are fine and they're RSA, but I have no idea if Synology can use them.

I have finally succeeded in obtaining a certificate for www.doldari.com.

It seems there was an issue with the port forwarding setup. Previously, I had only configured TCP for ports 80 and 433 on the iptime router. This time, I also set up UDP, and I believe this is why the certificate issuance was successful.

Thank you to everyone who helped and showed interest.

In particular, I was able to identify the networking issue by first running a test on Let's Debug, as suggested by Bruce5051.

Do you mean 443 ?

Challenges sent to you by the Let's Encrypt server do not use UDP. Glad you are working but this wasn't the reason. Perhaps resetting your rules "unstuck" something in your router.

Yes, it was 443
Now I am free. I can go to bed thanks to you!

2025년 5월 14일 (수) 오전 1:32, Mike via Let's Encrypt Community Support <notifications@letsencrypt.discoursemail.com>님이 작성: