Reg : cPanel Rating Limits


#1

I have installed a cent os with latest cPanel and enabled LetsEncrypt
and i have a domain name called wppilot.in
I have a lot of subdomains but those subdomains are not created under a single cpanel account. each subdomain will be created as a single cPanel Account and as of now i have 50 Domains

but when i try to use letsenc i got it working for few domains but then i keep getting this message below

#### Log for the AutoSSL run for “wppilot”: Saturday, August 18, 2018 6:39:37 PM GMT+05-30 (Let’s Encrypt™)

6:39:37 PM AutoSSL’s configured provider is “Let’s Encrypt™”.

Checking websites for “wppilot” …

6:39:38 PM Analyzing “client.wppilot.in” …

6:39:38 PM ERROR TLS Status: Defective

Certificate expiry: 8/18/19, 4:13 AM UTC (364.63 days from now)

ERROR Defect: OPENSSL_VERIFY: The certificate chain failed OpenSSL’s verification (0:18:DEPTH_ZERO_SELF_SIGNED_CERT).

6:39:38 PM Analyzing “wppilot.in” …

6:39:38 PM SUCCESS TLS Status: OK

Certificate expiry: 11/11/18, 4:03 AM UTC (84.62 days from now)

6:39:38 PM Performing DCV (Domain Control Validation) …

Analyzing “client.wppilot.in”’s DCV results …

6:39:43 PM “Let’s Encrypt™” HTTP DCV OK: www.client.wppilot.in

“Let’s Encrypt™” HTTP DCV OK: client.wppilot.in

AutoSSL will request a new certificate.

6:39:43 PM The system will attempt to renew the SSL certificate for the website (client.wppilot.in: client.wppilot.in www.client.wppilot.in).

6:39:44 PM WARN (XID z9q9qa) The ACME function “https://acme-v01.api.letsencrypt.org/acme/new-cert” indicated an error: “Error creating new cert :: too many certificates already issued for: wppilot.in: see https://letsencrypt.org/docs/rate-limits/ (The request exceeds a rate limit)” (429, “Too Many Requests”, urn:acme:error:rateLimited). at bin/autossl_check.pl line 373.

6:39:44 PM The system has completed the AutoSSL check for “wppilot”.

#2

Hi,

You’ve hit the certificates per registered domain limit for this week…

The main limit is Certificates per Registered Domain , (50 per week). A registered domain is, generally speaking, the part of the domain you purchased from your domain name registrar. For instance, in the name www.example.com , the registered domain is example.com . In new.blog.example.co.uk , the registered domain is example.co.uk . We use the Public Suffix List to calculate the registered domain.

If you have several accounts over a bunch of subdomains, you probably want to use an wildcard certificate with cPanel’s certificate sharing options…

https://confluence1.cpanel.net/plugins/servlet/mobile?contentId=2450226#content/view/2450226

Thank you


#3

Hi

Thanks for your reply. I enabled shared SSL from here

but still ssl for subdomains is not getting installed.


#4

Hi,

Apologize since I have some misunderstanding reguard the shared ssl feature.

The shared ssl can’t resolve your issue… and for cPanel servers, I’m out of clue on how to share any certificate across different user accounts… (since wildcard certificate should help with your rate limit issue)

Maybe @_az’s commercial product fleetssl has this feature?

Thank you


#5

Given your scenario, if you want to continue using Let’s Encrypt, I think that issuing a wildcard certificate and setting it as the shared certificate is probably the easiest thing you can do. AutoSSL and FleetSSL aren’t well suited for cross-account certificate sharing.

I’d also suggest that the Comodo AutoSSL provider may be a better option for you. I’m not too sure on the specifics but as far as I know, it does not have these kinds of domain-based rate limits.


#6

At the moment, I can see that you have installed the cPanel Comodo SSL on your “client.wppilot.in” subdomain. Since you are using the separate cPanel for your all subdomains then there should be a separate entry for this subdomain under Manage SSL Hosts for this subdomain so you can try deleting the SSL from the WHM interface >> Home >> SSL/TLS >> Manage SSL Hosts for subdomain “client.wppilot.in” and then install the LetsEncrypt’s SSL again.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.