Obtaining a new certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: mail.tvnl.eu

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version): ubuntu 20.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 0.40.0

An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: mail.tvnl.eu: see Rate Limits - Let's Encrypt

can I still recover them?
or do I have to wait 60 days?

sudo certbot certonly -a apache --agree-tos --no-eff-email --staple-ocsp --email leo@tvnl.eu -d mail.tvnl.eu
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator apache, Installer None
Obtaining a new certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: mail.tvnl.eu: see Rate Limits - Let's Encrypt
Please see the logfiles in /var/log/letsencrypt for more details.

That depends: what did you do with those 5 certificates?

It seems you're haphazardly creating a lot of certificates recently: crt.sh | mail.tvnl.eu May I remind you that testing should be done against the staging environment?

Also, I don't fully understand what's going on here anyway. You seem to have perfectly fine certificates which include the hostnames mail.tvnl.eu and tvnl.eu for a while now. And now you're running into rate limits for certificates specifically for just mail.tvnl.eu? What's the purpose of that new certificate? Why not just use the old one?

Also, since March 2021 for some reason the www subdomain was dropped. Just noticing that, maybe that was on purpose, maybe not.

2 Likes

I reinstalled the system and lost them
I want the same certificate
I don't want a new one

Then there is no way to retreive the previous issued certificate (the corrsponding private keys to be exact, which is the relevant factor here).

How do you mean these two sentences? What do you define as "the same certificate"? Do you mean the older cert with hostnames mail.tvnl.eu and tvnl.eu? Because it seems you just issued a new certificate with those hostnames: https://crt.sh/?id=5259837057

If you mean you really want a certificate with just mail.tvnl.eu for some (unknown) reason: then you have to wait a week.

3 Likes

I'm waiting. I have no other solution

Perhaps you could elaborate about the importance of that specific certificate, even if you already have a working certificate for that hostname?

Also, 168 hours is not the same as 60 days.

2 Likes

is a private email server
I replaced with tvnl.eu what I have
but some services like outlook refuse emails
I want the mail.tvnl.eu certificate

I'm waiting for a week after I try to do it on mail.tvnl.eu

That command would not create 5 certificates for that same name.
Unless... something is very wrong with your system.

Please show the output of:
certbot certificates

1 Like

I'm waiting a week

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.