Rate Limit problem(2)


#1

I just got done debugging my scripts to install certificates for my domain, and decided to move onto my mail server setup.
When I looked into my /etc/letsencrypt/live folder, I noticed two folders there for my domain; one of them appended with -0001.
So I deleted them and tried again, but got an error:

2016-03-03 05:17:15,114:WARNING:letsencrypt.cli:Renewal conf file /etc/letsencrypt/renewal/mydomain.tld-0001.conf is broken. Skipping.
2016-03-03 05:17:15,119:WARNING:letsencrypt.cli:Renewal conf file /etc/letsencrypt/renewal/mydomain.tld.conf is broken. Skipping.

So I went through the other folders and deleted all references to my domain and tried again. But this time I got a different error:

There were too many requests of a given type :: Error creating new cert :: Too many certificates already issued for: mydomain.tld.

Now what?


#2

Why?

Wait 7 days from when the first of them was issued, and try again. Or restore /etc/letsencrypt/live from backup, if you have a backup.


#3

Thanks danb.
Because there were two and I didn’t know which one to choose, so I thought I would start from scratch.

Which of the two do I restore? With or without the -0001 appended? (I would prefer if I could use the one without.)


#4

The one without numbers would have been for the 1st set of names used.


#5

I’d restore both, and use whichever was created most recently, as presumably that’s the closest to what you actually want. You can use openssl from the command line to view each of the certs to confirm which hostnames it covers and the validity dates.

Although I misspoke when I said to restore /etc/letsencrypt/live–if you deleted anything in /etc/letsencrypt/archive, you’ll need to restore that as well.


#6

I only restored the -0001 and removed the suffix, and edited the conf file in the renewal folder to suit.
It’s all working fine now.

Thanks for your help dan & cool!