While I played with updates for nginxproxy/acme-companion and checking options to solve problems my certificates were lost and now my host is blocked. I don't have old certificates and can't fetch new because of rate limits. And API returns me absolutely unrealistic deadlines.
[Sat Oct 2 20:18:38 UTC 2021] Getting domain auth token for each domain
[Sat Oct 2 20:18:39 UTC 2021] Create new order error. Le_OrderFinalize not found. {
"type": "urn:ietf:params:acme:error:rateLimited",
"detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: my_domain_was_here.dot: see https://letsencrypt.org/docs/rate-limits/",
"status": 429
}
Maybe it is not good idea to have so poor limits during this difficult time?
Sorry you're running into trouble. One common workaround for the "duplicate certificate limit" (the one you're hitting) is to add some arbitrary subdomain to your requests so they are no longer an exact duplicate.
Also, keep a copy of your certificates around between attempts so you can better deal with rate limit situations.
Please use an existing certificate from the backups you took before deleting them. In the future the staging environment should be used for debugging systems.
Using the production API costs let's encrypt, the resources to issue the certificate are expended and they are obligated to provide sufficient capacity for OCSP responses. It's disrespectful to waste it.
Why?
It seems that your certificate maintenance procedures are lacking some basic steps.
Also, it would be nice to use the staging system while you test things (and until all tests are passed).
Without production limits it would be way too easy for intentional, or unintentional, overloading to create a DoS on the entire PKI system.