Problem limiting let's encrypt


#1

Good morning;
I have created a subdomain and I would like to equip it with an SSL certificate the’t encrypt here is the error while the site has never generated a ssl certificate

Error: Cannot issue SSL/TLS Let’s Encrypt certificate for revolution.webfire.fr. The limit “Certificates per Registered Domain” has been exceeded for revolution.webfire.fr. Let’s Encrypt allows a maximum of 20 certificates per registered domain per week.


#2

Hi,

In this case, you can’t get a new certificate until the next cycle. (Starting from July 4th)

P.S. we can’t bypass this rate limit or reset it temporarily … since its controlled by server itself…
https://crt.sh/?q=%.webfire.fr

Thank you


#3

Thanks for this information but most of these areas no longer excite I’m not sure I understand


#4

Hi @WebFireFR

are you the owner of webfire.fr? There are a lot of subdomains with certificates.

https://crt.sh/?q=%.webfire.fr

The list looks terrible. Searching Google:

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:true;domain:webfire.fr&lu=cert_search

Looks that you create much more certificates as needed.

Searching livechat.webfire.fr

https://transparencyreport.google.com/https/certificates?cert_search_auth=&cert_search_cert=&cert_search=include_expired:false;include_subdomains:false;domain:livechat.webfire.fr&lu=cert_search

65 active certificates? Normally you should have one ore two active certificates per subdomain.


#5

Yes I am the owner of webfire.fr
I understand what you’re telling me but how let’s encrypt can generate certificates when the domain concerned no longer excises these for its I don’t understand


#6

This is your server, not Letsencrypt. There are cron jobs or other jobs which create new certificate orders.


#7

The question is, why are you creating certificates for domains that don’t exist any more?


#8

Once you have created a certificate, most ACME clients will continue to renew it automatically until you delete the certificate, take the host offline, or change the DNS.

If you’re using certbot, you can view the certificates you have by running certbot certificates (or /path/to/certbot-auto certificates if you are using certbot-auto), and you can delete any certificates you no longer need with certbot delete.


#9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.