Rate Limits breached on acme-v02.api

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
bmc-devt.np.az.dwpcloud.uk
I ran this command:
orderResource = acme.new_order(csr_pem)
How long do I need to wait for this limit to be reset, I am waiting to deploy this source to production but currently I am processing using the acme-staging-v02.api
It produced this output:
Result: Failure Exception: Error: urn:ietf:params:acme:error:rateLimited :: There were too many requests of a given type :: Error creating new order :: too many certificates already issued for exact set of domains: integration.bmc-devt.np.az.dwpcloud.uk: see Rate Limits - Let's Encrypt - Free SSL/TLS Certificates Stack: File “/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/dispatcher.py”, line 370, in _handle__invocation_request call_result = await self._loop.run_in_executor( File “/usr/local/lib/python3.8/concurrent/futures/thread.py”, line 57, in run result = self.fn(*self.args, **self.kwargs) File “/azure-functions-host/workers/python/3.8/LINUX/X64/azure_functions_worker/dispatcher.py”, line 548, in __run_sync_func return func(**params) File “/home/site/wwwroot/certrenewer/init.py”, line 175, in main orderResource = acme.new_order(csr_pem) File “/home/site/wwwroot/.python_packages/lib/site-packages/acme/client.py”, line 668, in new_order response = self._post(self.directory[‘newOrder’], order) File “/home/site/wwwroot/.python_packages/lib/site-packages/acme/client.py”, line 97, in _post return self.net.post(*args, **kwargs) File “/home/site/wwwroot/.python_packages/lib/site-packages/acme/client.py”, line 1201, in post return self._post_once(*args, **kwargs) File “/home/site/wwwroot/.python_packages/lib/site-packages/acme/client.py”, line 1214, in _post_once response = self._check_response(response, content_type=content_type) File “/home/site/wwwroot/.python_packages/lib/site-packages/acme/client.py”, line 1072, in _check_response raise messages.Error.from_json(jobj)
My web server is (include version):

The operating system my web server runs on is (include version):
linux Azure hosted Function App
My hosting provider, if applicable, is:
Azure Function App Python 3.8
I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
Python 3.8 deployed Function App
acme==1.12.0

Hi @MattShaw

why do you want that? You have created too much certificates, so you can use one. There is no need to create the next certificate. That's the idea of a rate limit.

Hi thanks for replying
the limit was exceeded developing an auto certificate renewal function.
The application runs on a timer - will be set to every 90 days going forward but it was run many times during the development process. The certificates that were generated against the ACME-v02.api were not stored anywhere they were generated during development - I don't have a way to recover that data. Once I hit the limit I moved over to acme-staging-v02.api to complete the development testing. I now need to switch back to the proper API in readiness for production.

You have to read the document shared in the error message. Your question says: You didn't. Change that.

It shouldn't be. It should be set to inspect the existing cert, and renew it when it has less than a certain amount (30 days, typical) of validity remaining. But the job should run daily or even more often, to avoid your cert expiring because of LE maintenance, downtime, other network issues, etc.

Too little, too late.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.