rate limit

I am trying to obtain new certificate since I have migrated to a new dynamic dns domain; from to but I am getting a rate limit I have tried this since January 21, uptill now I still get rate limit however whenver I go to the I still see that others have successfully obtained new certificates ?how is this possible? I still have the certificate can I use it to change/add domain to

What is the full error message you are getting? is not on the public suffix list, which Let's Encrypt uses to determine rate limits, so using it with Let's Encrypt may not be a good idea unless the domain owner submits it to the PSL. IS on the PSL and has higher rate limits.

The error states that rate-limit si sxceeded for the domain.
It is owned by a dynamic dns service. I am going to upload a copy of the error log later.

Hi. I've split these posts into a new thread, since they concern a different domain. :slightly_smiling_face:

It depends.

Some of them are probably, by coincidence or careful timing, creating certs right when the rate limits allow it. (Like when only 19 certificates have been issued in the previous week because the 20th is 1 week and 1 second old.)

Some of them are renewals of existing certificates, which fall under the Renewal Exemption to that rate limit.

If you carefully analyze the CT records, or use a program like lectl to do it for you, you can find out exactly when you can try to create a new certificate, if no one beats you to it. (After that, you would have no problem renewing it.)

The domain owner should submit their domain to the Public Suffix List or apply for a rate limit exemption from Let's Encrypt.

If they're unwilling or unable to, you could switch to a domain that is less popular, already exempt, or already on the Public Suffix List.

I’ve already emailed the owner about adding the domain to the Public Suffix Link and now waiting for a reply. Thank You

So I tried to obtain certificate this morning still with the error:

sudo certbot certonly --standalone -d
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for
Waiting for verification…
Cleaning up challenges
Generating key (2048 bits): /etc/letsencrypt/keys/XXXXX_key-certbot.pem
Creating CSR: /etc/letsencrypt/csr/XXXXX_csr-certbot.pem
An unexpected error occurred:
There were too many requests of a given type :: Error creating new cert :: too many certificates already issued for: see
Please see the logfiles in /var/log/letsencrypt for more details.

So I tried to use lectl to determine when I can obtain a new certificate for the ‘’ domain and I tried it last night and this morning the results. Last night it says I can obtain certificate at Jan 26 and now it says Jan 27? I have yet to receive a reply to the administrator of to include the to the PSL.

Other people keep renewing certificates, so I guess the number will keep changing. :slightly_frowning_face:

I thought the renewals have higher rate limits?

Sort of. Renewals can be issued when some of the other rate limits are exceeded, but the renewals will still count against the rate limits, preventing new certificates from being issued.

(Let's Encrypt is working on improving the situation, but it's complicated.)

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.