Nombre de demande

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.century21gsmimmo.com and century21gsmimmo.com

I ran this command: DOMAIN=century21gsmimmo.come ; certbot certonly --expand -c letsencrypt_$DOMAIN.ini && cat /etc/letsencrypt/live/$DOMAIN/{fullchain.pem,privkey.pem} >> /etc/haproxy/ssl/letsencrypt_$DOMAIN.pem

It produced this output: There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: century21gsmimmo.com,www.century21gsmimmo.com, retry after 2024-08-09T17:11:00Z: see Duplicate Certificate Limit - Let's Encrypt

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.5.0

Good morning,

I tried to make an ssl certificate for a client but the certificate didn't work so I tried several times. Would it be possible to deban so that I can honor my contract.

Thanks

No, rate limits cannot be manually lifted.

You have 5 perfectly fine certificates issued already. Please use one of those.

Also, if issuance is not the problem, then please don't issue more certificates than necessary.

I have no certificate, all the certificates were generated as said without error but when I noticed the folder supposed to contain them was not created and the certificate contains 0 bytes. Is there really no way to make an exception?

I really need to generate a certificat for my client. He need it now to open his website.

No. There's no way to make an exception. The page linked in the error message has a workaround though.

You could also get a certificate from a different acme certificate authority. And then return to let's encrypt once your again able to.

I'm a bit stuck, the workaround can't work because it can't change the DNS and it won't accept any other CA than let's encrypt

I do not see any CAA record that would restrict issuance just to let's encrypt. What do you mean by that?

As for the workaround you could get a certificate for each of those domain names individually and adjust your server config accordingly

I work for a client who has strict clients and who would refuse this type of change during launch.

And the workaround is not possible because these only two domains are the two specified in the ticket.

This is why I am asking you if it is really impossible to be able to delete my 5 attempts so that I can deliver the order

is the blocking by ip address or by dns. The server on which the certificate must be is clustered. Would it be possible if we switch and try generation?

Please show the output of certbot certificates.

[11:56:13] root@C21Prod4-haproxyng01:~$ certbot certificates | grep www.century21gsmimmo.com/privkey.pem
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Private Key Path: /etc/letsencrypt/live/www.century21gsmimmo.com/privkey.pem

indeed the certificate and the key have been generated but how do I go about redoing the .pem certificate that I must put in my haproxy

What do you mean by this?

after all this trouble the command you provided me allowed me to discover the files which were not indicated as being created during my tests but were indeed present. I subsequently recreated my .pem for my haproxy and the certificate is valid. Thank you for your help.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.