Nginx Certificate Limit

yunusemre482 · April 12, 2022, 11:08am

I ran this command:
sudo certbot --nginx -d example.com -d www.example.com

It produced this output:

An unexpected error occurred:
Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: holonext.io,www.holonext.io: see Rate Limits - Let's Encrypt
My web server is (include version): Ubuntu 20.04 on AWS

and ı want to use my old fullchain.pem and privekey.pem file how can ı do this using nginx and cerbot without creating new certificates?

9peppe · April 12, 2022, 11:11am

Please run certbot certificates and tell us what you see.

Also make sure there aren't any other acme clients on your machine (are you using... Bitnami?)

yunusemre482 · April 12, 2022, 11:14am

Saving debug log to /var/log/letsencrypt/letsencrypt.log

No certificates found.

there is no certificates but ı have found my old certificates and ı want to use them is this possible?

9peppe · April 12, 2022, 11:17am

Is this machine a new one?

What's your actual domain name?

9peppe · April 12, 2022, 11:19am

Yes. Just put them where nginx can see them and set the ssl_certificate and ssl_certificate_key directives appropriately.

Osiris · April 12, 2022, 4:08pm

It would be best if you could restore the /etc/letsencrypt/ directory to its original state. Certbot also requires a renewal configuration file and specific symbolic links in certain directories to function properly

That said, you could also just store your found certificate/private key somewhere and configure nginx as @9peppe mentions and when it would be time to renew the certificate (30 days before expiry), run Certbot again to get a "new" certificate, which would overwrite the nginx configuration (if run with the --nginx plugin and without certonly).

rg305 · April 12, 2022, 4:24pm

OR...
What is stopping you from just getting a new cert (with a different set of names)?

Osiris · April 12, 2022, 4:27pm

Unnecessarily hogging the Let's Encrypt infrastructure?

rg305 · April 12, 2022, 4:29pm

That was stopped.
And I think they should have learned that lesson (by now).

yunusemre482 · April 13, 2022, 8:28am

Can we use different domain name to get new certificate?
So , can we use that new certificate for a different domain .Can you explain?

9peppe · April 13, 2022, 9:02am

Different set of names means a different thing. To get one, just add a subdomain to your current set of names

yunusemre482 · April 13, 2022, 10:27am

did you mean
certbort -d tempdomain -d olddomain -d www.olddomain
or should we create new subdomain for our domain such as test.domain.com ?

9peppe · April 13, 2022, 10:59am

All of those will work.

system · May 13, 2022, 11:00am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.