Rate limit server busy retry later appearing at random on last 2 renewals

My domain is: chriscollins.eu

I ran this command:

acme_tiny.py --account-key /home/acme/account.key --csr /home/acme/ssl/chriscollins.eu/chriscollins.eu.csr --acme-dir /home/acme/challenges > /home/acme/ssl/chriscollins.eu/chriscollins.eu.cert

It produced this output:

Response Code: 503
Response: {'type': 'urn:ietf:params:acme:error:rateLimited', 'detail': 'Service busy; retry later.'}

My web server is (include version):

Apache 2.4.57

The operating system my web server runs on is (include version):

FreeBSD 12

Do have root access,

I am using acme-tiny


So every 2 months I renew some domains I manage which use LE certificates, it is only 11 domains. So 11 domains every 2 months.

For years, no problems at all, except in march, and now in may, so last 2 renewals, a few random domains get the following error from LE server.

Response: {'type': 'urn:ietf:params:acme:error:rateLimited', 'detail': 'Service busy; retry later.'}

I was then able to renew another manually fine, its a temporary error, it wasnt the last domains, so one would fail, then next would work. It seems to indicate perhaps a load issue on the LE server, but the message says I am rate limited. However with only 11 requests every 2 months i am way below the documented rate limits, and the error was not persistent.

First time I assumed maybe temporary issue on LE server, but now its happened on two renewals in a row.

Sorry you're hitting 503s. They're not common. In the last two days we've had more than usual, but it's still a fleetingly small percentage of our traffic. We served 55 503s per second around 16:35 UTC yesterday, but out of almost 7,000 successful requests per second.

Thanks for opening the issue on acme-tiny's issue tracker to retry. That's the correct solution on the client side. Meanwhile, we're wrapping this baby with more speed tape.


Yep I opened it after reading your announcement, for now I have moved my cron to a later time in the hour.

Thank you for replying.


Do you have your renewals at a fixed hour? Best practice is to attempt renewals every 12 hours ±random delay (for example Arch Linux employs ±12hrs randomization).

1 Like

And with ARI possibly even more frequent!


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.