My domain is: comptoirdespecheurs:com / www comptoirdespecheurs:com / fishingthespot:uk / fishingthespot:co.uk / fishingthespot:us
I ran this command: certbot --nginx -d comptoirdespecheurs:com -d www.comptoirdespecheurs:com -d fishingthespot:uk -d fishingthespot:us -d fishingthespot:co.uk
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
You have an existing certificate that contains a portion of the domains you
requested (ref: /etc/letsencrypt/renewal/comptoirdespecheurs.com.conf)
It contains these names: comptoirdespecheurs:com, www.comptoirdespecheurs:com
You requested these names for the new certificate: comptoirdespecheurs:com,
www.comptoirdespecheurs:com, fishingthespot:uk, fishingthespot:us,
Do you want to expand and replace this existing certificate with the new
Renewing an existing certificate
An unexpected error occurred:
There were too many requests of a given type :: Error creating new order :: too many certificates already issued for: comptoirdespecheurs:com: see https://letsencrypt.org/docs/rate-limits/
Please see the logfiles in /var/log/letsencrypt for more details.
My web server is (include version): nginx 1.14.0-0ubuntu1.6
The operating system my web server runs on is (include version): Ubuntu Bionic
My hosting provider, if applicable, is: SoYouStart
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): certbot 0.31.0
Few days ago, our servers was on a Kubernetes cluster with Traefik for automatic TLS requests. Last week, we’ve moved to a temporary server, without Kubernetes/Traefik/Docker, a pretty old method with all services on the same server.
The TLS for the principal website (www).comptoirdespecheurs:com works and the TLS cert is ok. But I’m trying to add our international websites ( fishingthespot.* ) but we reach a rate-limit since last week, but we don’t understood why.
On https://crt.sh/?q=comptoirdespecheurs.com we haven’t reach 50 requests / week.
May be it’s caused by our staging server, still on previous server with Kubernetes / Traefik, BUT it’s not the same IP address, all subdomains on our domains (excepted www) are associated to a specific GIT branch of our development (with htpasswd). Excepted for one subdomain (master), all other new request for others subdomains are also refused for the same rate-limit error.
Our production servers DNS go on 18.104.22.168, and all our subdomains DNS (excepted www) go to CNAME staging.fishingthespot:com and redirect to 22.214.171.124
Since many months, on our Kubernetes/Traefik, we have requested many more TLS for all our future international website ccTLD ( .cn .it, .es … ), but we’ve found many errors last weeks about our .cn ccTLD, so I’ve removed the Traefik TLS request for not yet used international websites ( so only TLS for .co.uk .uk and .us )
We’ve reach some rate-limits, but we don’t known which ones, may be too much errors ( caused by .cn ) but the documentation explain it’s while 1 hour maximum. So may be it’s the 50 requests per Registred Doamin per week, but on crt.sh, this doesn’t seems to have reach 50 requests…
Any help will be really appreciated !