No certificate for .cu.cc domains

Hi,

I’m trying to generate a Lets Encrypt certificate for my domain somename.cu.cc. But I get an error.

Error creating new cert :: too many certificates already issued for: cu.cc

Is it because cu.cc is not recognized by Lets Encrypt as a tld?

The full error message is

ValueError: Error signing certificate: 429 {
“type”: “urn:acme:error:rateLimited”,
“detail”: “Error creating new cert :: too many certificates already issued for: cu.cc”,
“status”: 429
}

It’s because your domain is a subdomain. Let’s Encrypt rate limits the production environment issuance to 20 per week(https://letsencrypt.org/docs/rate-limits/).

No its not a subdomain. Its a primary domain under .cu.cc

Hi @Kladizkov,

Yes, it is, well, tld is not accurate, Let's Encrypt uses the publicsuffix-go and this list gets the data from Public Suffix List to know what are the tld domains... but this list also includes non tld domains. In your case, cu.cc is not included in that list so your domain.cu.cc is not a primary domain for Let's Encrypt but a subdomain so, if lot of people uses a cu.cc domain to issue a cert, the 20 certs per domain limit is reached quickly and could be almost impossible to issue a cert for your domain.

cu.cc owner could request to be included on this list but not only to allow issue certs for the subdomains but also to avoid privacy-damaging "supercookies" being set for high-level domain.

Cheers,
sahsanu

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.